This depends on which firewall you are using.
if it is a "packet filtering" firewall, just allow packets to go accross (at
your own risks?).
if it is proxy based, then not all proxies bind to the original clent
address (this requires kernel
modification...). on the gauntlet on Unix I mean. not sure if this is
possible on NT), just
use the "force-source-address" directive (or something like that. check your
doc).
on some other firewalls, this is "pass-source-address" (or, again, something
like that).
anyway, when using proxies, you have to make sure that the response will go
to the proxy!
otherwse, you'll have "dangling" sockets. in other words, if the proxy binds
to the client address,
then the response will go to this address, but since the proxy is waiting
for the response, it should get
to the proxy. you'll then have to divert/absorb response packets.
mouss
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Michael Mueller
> Sent: Thursday, May 11, 2000 6:40 PM
> To: [EMAIL PROTECTED]
> Subject: Problem with private IP
>
>
> Hello,
>
> as you suggest, I am in trouble.
>
> There is this configuration for a part of our network:
>
> <Internet>
> I
> I
> I Real network address
> <Router ISP>
> I 192.168.0.1
> I Transfer Zone
> I 192.168.0.2
> <Firewall>
> I Real network address
> I
> I 192.168.1.x and Real network address
> <clients>
>
> -----
> If the firewall is configured to masq the clients ip, it will use its own
> private network address - which will not work.
> I want the firewall to send the packages with the real network address.
>
> How can I do this?
>
> Any hints?
>
> Regards,
> Michael
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
