Dear Simon,
Actually the public ip from ISP is (excuse me to hide the IP)
External $fw= 202.xxx.xxx.1 (eth0)
Internal1$fw = 202.xxx.xxx.2 (eth1) to web server with public ip 202.xxx.xxx.3
Internal2 $fw= 60.xxx.xxx.1 (eth2) to mail server with public ip
60.xxx.xxx.2
The ISP has given me different subnet public ip especially for mail server,
cause of the old IP has blocked and we can't sending out any messeges. Actually
the old one was in the same subnet with webserver.. And don't know why they
gave us different subnet now..
I don't configure masq/NAT yet, but I suspecting the ISP did the masq/NAT on
their router..
The topology ISP--Router--Firewall--Server
________________________________
From: Simon Hobson <[email protected]>
To: Shorewall Users <[email protected]>
Sent: Friday, August 28, 2009 4:18:03 PM
Subject: Re: [Shorewall-users] 2 internal interface using different public ip
wisnu dwi hidayat wrote:
>External $fw= 172.1.1.1 (eth0)
>Internal1$fw = 172.1.1.2 (eth1) to web server with public ip 172.1.1.3
>Internal2 $fw= 60.1.1.1 (eth2) to mail server with public ip 60.1.1.2
Taking the second one first, that's just a matter of routing (ie do
NOT configure Masq/NAT) between outside and inside interfaces.
The first one is trickier - you have the same subnet on internal and
external interfaces which means you either have to bridge eth0 and
eth1 or use proxy arp.
It might help if you tell us EXACTLY what information your ISP has
given you about your IP allocations - the above looks rather unusual
to me.
--
Simon Hobson
Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
