Simply set the system IP to 0.0.0.0 and you do not need a mapped address. You
can simply connect to the IP address assigned to the interface.
On Thursday 20 September 2001 05:16, Devon True wrote:
> I did setup a MIP that mapped the untrusted interface's IP to the system
> IP, but that did not work for me. :(
>
> Also, it is my understanding that you have to web/telnet to the system IP,
> you cannot web/telnet to any interface IP. Is that correct?
>
> I'll try the ssh suggestion.
>
> Thanks for your reply.
>
> Devon
>
> >Hi Devon,
> >
> >don't set the system ip address to be on the public/untrusted interface.
> >Routing will be easier the way you have it.
> >
> >The reason you can't connect from the untrusted network to the trusted
> >interface is because you have a firewall policy that is preventing you (no
> >mip) - and that is a good thing. If you need web admin access from the
> >public/untrusted side short-term - just set telnet and/or web access on
> > the untrusted interface (check boxes in the gui - interface page) or via
> > cli. As a long-term solution I would only use ssh to the untrusted side,
> > or create a vpn tunnel (with nsremote, or another ipsec client)and come
> > in to the trusted interface.
> >
> >hope that helps. let me know if you still are having trouble.
--
Peter Bruderer mailto:[EMAIL PROTECTED]
Bruderer Research GmbH Tel ++41 52 620 26 53
IT Security Services Fax ++41 52 620 26 54
CH-8200 Schaffhausen http://www.bruderer-research.com
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
