Hi Benno,
There are a number of solutions for this problem:
1) If you don't want to filter any traffic, you can simply place the machine
outside your firewall.
2) Get your ISP to assign a second IP range and get them to route this not to
your ISP's router but to the GNAT Box. You can then assign one of the addresses
to a new interface on your firewall and add this new IP range as IP Pass Through
Hosts/Networks. After doing this you can use the rest of the IP addresses in
this range, specifying the GNAT Box as default gateway.
3) If you are unable to get an extra IP range, set up a bridge between your free
network interface and the external interface. You can now configure machines on
this interface as if it were on the outside of the firewall (i.e. use your ISP's
router af default gateway).
If you choose options 2 or 3, you can configure your firewall policies in the
"IP Pass Through Filters" section.
Regards,
Maarten Vink
Interstroom IT BV
Distributor Benelux
http://www.gnatbox.nl/
Scheldebouw wrote:
Hello,
I have some issues with getting pass through to work in a specific
situation:
We have been given a /29 range (6 usable addresses) by our ISP (lets say
123.123.123.32/29). The router is on .33, the Gnatbox is .35. Our
internal network uses NAT and DHCP in the 192.168.1.x/24 range. I've
already setup some aliases, tunnels and filters from some of the
external interface addresses to servers in our network using NAT and
that is all working fine.
I want to give one device (a dedicated video conference unit) an
external address (123.123.123.38) via pass through directly connected to
a separate, dedicated interface on the Gnatbox. I do not want to connect
this device to the protected network. I have a free port on the Gnatbox
for this. The device must have all TCP and UDP open, both inbound and
outbound as the H.323 protocol uses dynamic ports >1024 and I can't get
it to work with NAT anyway, even with the appropriate filters and tunnels.
I'm not sure on how to set this up or if it's possible at all. Any help
would be greatly appreciated.
best regards,
Benno
------------------------------------------------------
To unsubscribe: [EMAIL PROTECTED]
For additional commands: [EMAIL PROTECTED]
Archive: http://archives.gnatbox.com/gb-users/
