First I'd like to thank Charles and everyone else who worked on the
Dachstein release. It's exceptional! I've been running various LRP
and LEAF releases for the last few years, but this one is by far the
best.
Now some background for my question. I've set the Dach (and others)
up for basic firewall and routing, DMZ and VPN setups, but this is the
first time I've set up what I'd call a Bastion firewall. I have a
Cyclades 300 single port with DSU/CSU in a small pentium machine
attached to a full T1 using Frame Relay. I've modified the Dach
release for support for the Cyclades hardware and it all works. I
have a block of 8 assigned public addresses to work with, one of which
is be on eth1 (internal) of the bastion firewall, one is on eth0
(external) of the Choke firewall guarding the internal private
network, and the rest will be used as needed in the DMZ between the
Bastion and the Choke machines.
Now... on the Bastion firewall the Cyclades/Bell South setup puts a
172.20.xx.xx address on the external (pvc0) interface (and yes there
is an hdlc0 interface, but no address get assigned to it) with the
first of my static addresses on eth0, my internal interface, like this:
internet
|
----------------
172.20.x.y pvc0
bastion
65.83.a.b eth0
----------------
|
DMZ
|
Choke
|
private network
At this point I'm a bit lost as how to setup my firewall. I don't see
how I can use the external (pvc0) interface in the firewall setup as it
uses private addresses. I'm sure I'm missing something here... If
someone would clue me in I'd greatly appreate it!
Best
Cokey
--
------------------------------------------------------------------
F. 'Cokey' de Percin, DBA Email:
CSC (formerly Mynd) Work - [EMAIL PROTECTED]
Columbia, South Carolina Home - [EMAIL PROTECTED]
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
