Hi, I am building a firewall that will have two groups of subnets behind it which I'll provision via vlans.
The upstream provider will be supplying a router with a single interface with two subnets routed into it, one is a private connection to the corporate WAN and the other is a public (Internet) block. One group of subnets behind the firewall will be SNAT'd out through a public IP on the firewall and another group will be routed on out through the corporate WAN to another site and eventually an Internet gateway via a private IP on the firewall. What I am struggling with is using IP aliases on a single interface on the firewall to communicate with the upstream router. I'm thinking it might be easier to add a third nic with a separate address, plug them both into a switch along with the upstream. Any hints would be appreciated. ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2d-oct _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
