Hi,
I was wondering if anyone had any idea about using Bering/Shorewall without
using Masqurading or NAT. We are at a University so we already have all the
machines on our network assigned to real addresses. I dont really want to
change all of them to private addresses but I am having problems in
configuring Bering Shorewall to do this.
Currently we have a gateway 134.36.22.1 and our main switch connects to that
and its all very straight forward. Our plan was to add the firewall between
the gateway and the switch i.e.
Gateway Firewall ExtFirewall IntSwitch Hosts
134.36.22.1 134.36.22.2 134.36.22.5 * 134.36.22.???
gw=134.36.22.1gw=134.36.22.5
We also need to enable access to our webserver for ssh, www and ftp access. I
was planning on doing this either via a separate zone/hosts or via rule
exceptions in Shorewall.
I have a pair of machines that I have connected to the firewall so I can try
things but the only way I have go anything to work was adding static routes
on the firewall and even then I couldnt get very far as I was still running
NAT.
My test setup worked well with NAT using private addresses. Bering was
straightforward to setup in this case. (Kudos to the authors)
Unfortunately I suspect my knowledge of TCP/IP has sort of run its course at
this point and I am a bit stuck for what to try next. I was considering
trying to chuck out the NAT kernel modules and set it up as a bridge but the
example configuration also used NAT
Cheers,
Jonathan
--
Dr Jonathan Monk, Dundee Satellite Receiving Station
University of Dundee, Dundee, DD1 4HN
tel: 44 (0)1382 344409 fax: 44 (0)1382 345415
e-mail [EMAIL PROTECTED] http://www.sat.dundee.ac.uk
___
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user