Hello: I decided to send this as a separate question to make it easier to answer from the last question.
I have set-up my OFR to use DHCP with an internal address space of 10.1.1.0/24. My OFR will receive my 71.159.206.0/29 on the IP of 71.140.62.22. So I'm using NAT to map 71.159.206.2 to 10.1.1.2 (as a bi-directional NAT). Now I want to have some rules (firewall?) to allow only a few ports to connect to the 71.159.206.2 (10.1.1.2) system such as SMTP, SSH, FTP, HTTP and a few others. The question I have is should these rules be defined as Firewall rules or as NAT rules? Once this question and my other question on 'Reflector Lists' are answered I will have a replacement for my Cisco-806 (which is getting bit old in age). Tony _______________________________________________ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users