Hi there
I've got a question about routing. There is a subnet 199.199.199.208/28
with 16 official IP numbers. The Internet connection is done by an xDSL modem
and a router (199.199.199.209) to which I don't have access. The IPs 211
and 222 are used for DNS servers and 212 and 221 for a web and a mail server.
I'm installing a firewall which should be in front of all public machines,
and there will be a private net (192.168.1.0). I want to separate the router
and the public machines. My first idea was to split the official subnet into
2 subnets like this:
1. subnet 199.199.199.208/29 (host IDs 209-214)
2. subnet 199.199.199.216/29 (host IDs 217-222)
As I don't have access to the router and it is configured with IP
199.199.199.209, I would have to change the IP for the DNS server from 211 to
220 and the IP for the web server from 212 to 219. The firewall would have 3
NICs as follows:
1. NIC for private net with IP 192.168.1.1/24 (will be NATed)
2. NIC for "ext" net with IP 199.199.199.210/29
3. NIC for "dmz" net with IP 199.199.199.217/29 (will just be routed)
With this procedure, I would have one NIC of the firewall and the router in
the "ext" net and another NIC of the firewall and all the public machines in
the "dmz" net. So, separation is done, BUT, as the router is configured with a
netmask of 255.255.255.240, connection requests from the Internet go directly to
the public machines, instead of to the firewall.
How should I set up routing properly, so that ALL connections must go through
the firewall?
Sorry for my English ...
Cheers
Phibo
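
The addressing described in the post, as an added example that is not part of the original message: it uses Python's ipaddress module to show which renumbered DMZ hosts a router masked 255.255.255.240 still treats as directly attached. The host labels and function names are made up for illustration, and the /29 router mask at the end is hypothetical.

```python
import ipaddress

# Addresses and masks below are the ones given in the post.
ROUTER_28 = ipaddress.ip_interface("199.199.199.209/255.255.255.240")
EXT_NET = ipaddress.ip_network("199.199.199.208/29")  # router + firewall "ext" NIC
DMZ_NET = ipaddress.ip_network("199.199.199.216/29")  # firewall "dmz" NIC + servers
# Public servers after the renumbering described in the post (labels are made up).
DMZ_HOSTS = {
    "dns1": ipaddress.ip_address("199.199.199.220"),
    "web": ipaddress.ip_address("199.199.199.219"),
    "mail": ipaddress.ip_address("199.199.199.221"),
    "dns2": ipaddress.ip_address("199.199.199.222"),
}

def usable_range(net):
    """First and last usable host octet of a subnet (network/broadcast excluded)."""
    hosts = list(net.hosts())
    return int(hosts[0]) & 0xFF, int(hosts[-1]) & 0xFF

def router_delivery(router_if, dst):
    """How a router with this interface config handles a packet for dst."""
    if dst in router_if.network:
        return "on-link"      # router ARPs for dst itself, no next hop is used
    return "needs-route"      # router needs a route (or default) covering dst

def onlink_dmz_hosts(router_if):
    """DMZ hosts the router believes are directly attached to its own segment."""
    return sorted(name for name, ip in DMZ_HOSTS.items()
                  if router_delivery(router_if, ip) == "on-link")

if __name__ == "__main__":
    print("split:", [str(n) for n in ROUTER_28.network.subnets(new_prefix=29)])
    for net in (EXT_NET, DMZ_NET):
        print(net, "usable hosts .%d-.%d" % usable_range(net))
    print("router /28 treats as on-link:", onlink_dmz_hosts(ROUTER_28))
    # Hypothetical: the same router re-masked to /29 (the post says it cannot be changed).
    router_29 = ipaddress.ip_interface("199.199.199.209/29")
    print("router /29 treats as on-link:", onlink_dmz_hosts(router_29))
```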