But how does the Linux Box get the IP-Adress of the ISP ? You would need
it on the linux box if you want to run nat there ...
I would run nat only on the Cisco1720. The router just has to translate
the outside IP of the linux box to the public IP assigned by the ISP.
Assuming you disable routing on the linux box and you will use proxy-
services (squid, socks5, fwtk) to provide controlled internet access
to the users.
hth
Reinhold
--
Reinhold Fischer
CCNP/SunCSA/HP Certified Consultant for Network Management
On Sat, 9 Sep 2000, Trevor Corness wrote:
> Yes, definately. Don't run NAT on the Router, only use it on the Linux box.
> I assume you have a LAN of a few (or more) PCs on the other side of the
> Linux box. You will need a cross-over UTP cable (best solution) and then
> set it up similiar to this :
>
> Internal PCs (2, 10, 50, 2000)
> ||||||||||||||||||
> Ethernet/FE Switch
> |
> Linux Internal NIC1 (Inside address)
> Linux PC
> Linux External NIC2 (Outside address)
> X (cross-over cable)
> X
> Eth 0
> 1720 Router
> WIC 0 WIC 1
> I I
> I I
> PSTN PSTN
>
> Basically, use a switch/hub with your internal PCs hooked up in a LAN
> configuration. Plug the Inside IP NIC of the Linux box into that
> hub/switch. This completes your internal network.
>
> Use a crossover cable to connect your Outside (Live) IP NIC to the E0 of the
> 1720 router. This is a separate cable segment, with 2 nodes.. E0, and the
> NIC (xl1 or whatever).
>
> As usual, have your 2 WICs connecting the PSTN as they do now.
>
> This is best, as the Linux box now also segments all the broadcast traffic
> and "crap" from the LAN side, and blocks that traffic from "sneaking" out
> into the "real" world. I have done this several times in the past, and it
> works fine.
>
> Regards,
> Trevor Corness, CCNA MCSE MCP+Internet
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Shane Stockman
> Sent: September 9, 2000 1:43 PM
> To: [EMAIL PROTECTED]
> Subject: Linux Proxy server and 1700 using NAT
>
>
> I have a cisco 1720 with 2xISDN WIC cards and a Linux Proxy Server with
> 2xNIC's. I need to know whether I can use 1 nic for the internal address and
> another for the global addresse's given by the ISP using only one ethernet
> port of the 1720.
>
> -------- --------
> -Proxy--NIC1(Internal) -Router-ISDN WIC 0---|-->PSTN
> -Server-NIC2(Outside )---->-Eth0---ISDN WIC 1---|
> -------- --------
>
> Sorry for the sketch
> I also need to connect the Proxy to a 2924 for 8 users
> Is this possible ?
>
> Any Solution
>
> Thanks
>
> _________________________________________________________________________
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
> Share information about yourself, create your own public profile at
> http://profiles.msn.com.
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>
**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
