The firewall uses the IP address (usually) for its external interface for
all external communications. The router would only see one IP address. The
firewall would handle the translation for the internal machine.
At 01:26 PM 1/26/99 -0800, you wrote:
>This is a configuration scenario for a firewall and
>router.
>
>INTERNET ---ROUTER------FIREWALL----INTERNAL
> NETWORK
>
>now say we use 16 IP addresses allotted from the
>ISP. one for the router and one for the ext interface
>of the firewall.
>so we have remaining is 12 usable IP addresses.
>
>also say we use only one flat network for the 16
>IP addresses.
>
>my question is about the interaction between the
>router and ext interface of the firewall.
>say we have an internal host which has been
>NATed to the valid IP addresses(one from the
>range that we have).
>
>here is the crux. once the packet from the Internt
>reaches the router , how does it manage to go to
>the internal host ? I mean since the IP address of
>the router and the NATed Ip address in the packet
>belong to the same network , the router would
>do an ARP. and since there is no host by that
>IP address , the connection would drop.
>
>The solution is to add a static route entry for this
>IP address. But what i intend do via this post
>is ask my peers if they encountered this problem.
>To be frank, this was the problem with a leading
>brand of firewall. For others, i dealt with three other
>brands, there was no problem.
>so i was wondering as to how come ?
>
>If any of you has any clue as to how are the
>headers manipulated then please do let me know.
>
>thanks and please email me a cc of your replies.
>tally
>
>
>
>
>_________________________________________________________
>DO YOU YAHOO!?
>Get your free @yahoo.com address at http://mail.yahoo.com
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
>
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
