The "untrusted" (internet side) port of the firewall wil have a public IP address. The "trusted" (LAN side) port of the firewall
Have a look at www.netscreen.com and look for the NS5. It is specialy build for this kind of opperation.
Vincent de Lau
System Administrator / MSCE
Tridion (http://www.tridion.com)
mailto:[EMAIL PROTECTED]
-----Original Message-----
From: Manesh, Nasser (CAP, PTL) [mailto:[EMAIL PROTECTED]]
Sent: dinsdag 15 augustus 2000 14:48
To: ''
Subject: IP addressing on firewall
Hi everybody,
Sorry for stupid question - First-time firewall experience! :)
I am thinking of a firewall setup for a small business. Naturally, the
firewall box should have two NICs with two IP addresses. The NIC at
internet side (connecting to a DSL router) will have a valid IP address.
I'm confused about the other side - and naturally the network addres for
this other side and the rest of my small network should be the same:
1) Does a firewall act like a gateway (TCP router)? Can I put a 192.168 IP
address at the other side for example?
2) If (1) is possible, are there any advantages in putting "real, valid" IP
addresses on the internal side and the rest of the network? What's the
usual practice for IP addressing in such a scenario?
3) If I want to use NAT, should I use it on the firewall box or somewhere
else on the network?
If there's a document I can read, a URL/pointer/whatever will be highly
appreciated...
TIA,
--Nasser
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
