Another point I didn't mention.... Given that the the x.x.50.65 network is already routing via the x.x.8.14, transitioning to the non router way shouldn't make much difference.
-- Martin Hepworth Snr Systems Administrator Solid State Logic Tel: +44 (0)1865 842300 > -----Original Message----- > From: David Brooks [mailto:[EMAIL PROTECTED] > Sent: 24 November 2005 15:22 > To: [email protected] > Subject: RE: [gb-users] Two Public Networks - One Provider > > Hmm, > > No special configuration to allow 544 in. > > Using Surf Sentinel transparent proxy. > > OBF allow all out. > > David > > > At 09:05 AM 11/24/2005, Martin Hepworth wrote: > >In a word yet it can. > > > >Just assign the internet site of the firewall the ip-addresses you need > as > >aliases. > > > >I do this (have have done this for well over 6 years) > > > >-- > >Martin Hepworth > >Snr Systems Administrator > >Solid State Logic > >Tel: +44 (0)1865 842300 > > > > > -----Original Message----- > > > From: Todd Ritter [mailto:[EMAIL PROTECTED] > > > Sent: 22 November 2005 20:14 > > > To: [email protected] > > > Subject: [gb-users] Two Public Networks - One Provider > > > > > > I was hoping the Gnatbox gurus out there could help me solve this > problem, > > > which I think is solvable. > > > > > > > > > > > > We currently have a SONET connection that gives us an Ethernet handoff > > > that > > > is plugged into our Cisco Router. The Cisco router is plugged into > our > > > Gnatbox 1000. The Gnatbox is plugged into our network switch. I > don't > > > see > > > a reason to keep the Cisco router in place, but I'm having difficulty > > > wrapping my head around the IP addressing/routing with the firewall. > > > There > > > are 2 sets of public IP's involved, and 1 private scheme > (192.168.1.0/24). > > > Our external router address is assigned an IP in the range of our > service > > > provider: X.X.8.14/30, and the internal interface on our router is > > > assigned > > > an IP that is in the range of our public subnet assigned to us by our > > > provider from ARIN: X.X.50.65/28. The external interface on our > gnatbox > > > is > > > X.X.50.66/28. Can the gnatbox route between all 3 networks even > though > > > only > > > 2 network interfaces on the firewall would have physical connections? > > > > > > > > > > > > -I want tunnels from outside users to go to our assigned subnet > > > (X.X.50.64/28) to go to private servers like they do now. > > > > > > -I want our private workstations to be able to access all our servers > by > > > private IPs like they can now > > > > > > > > > > > > I'm not sure if this is possible, but it doesn't seem to me like our > > > router > > > is doing anything for us. Although, how does the rest of the world > know > > > where our X.X.9.64/28 address are without a router? RIP on the > firewall? > > > I > > > assume I need to use a PSN somehow, but it seems like it would cause > > > problems with our static VPN connection that uses an IP from our range > > > (X.X.50.66), so I would want to be able to keep that for the VPN > object. > > > And I have some "special" users mapped to our external IP's (in the > > > X.X.50.64/28 range) for outbound VPNs to clients that I still need to > use. > > > > > > > > > > > > Please see this picture for a drawing of what I'm trying to explain: > > > http://www.westfaliausa.com/proposed.jpg > > > > > > > > > > > > I hope this makes some sense, and I really appreciate any > help/thoughts > > > that > > > you can provide. > > ------------------------------------------------------ > To unsubscribe: [EMAIL PROTECTED] > For additional commands: [EMAIL PROTECTED] > Archive: http://archives.gnatbox.com/gb-users/ ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote confirms that this email message has been swept for the presence of computer viruses and is believed to be clean. ********************************************************************** ------------------------------------------------------ To unsubscribe: [EMAIL PROTECTED] For additional commands: [EMAIL PROTECTED] Archive: http://archives.gnatbox.com/gb-users/
