Re: Say it ain't so

[geek () midway com (Erik Van Riper)]

Jim Leo wrote:
> Hi All,
>       I've got a meeting with our Firewall Installers on the 29th. Got 
> pulled into as a result of 'centralizing' our computer/technology 
> staff and creation of a helpdesk. The upshot is this. We have been 
> apprised by one of the staff (Originally selected 
> installation/Firewall) and was told that every device behind the 
> firewall would have to 'be touched' for anything to work. It almost 
> sounds like a complete rework of the network setup/standard. We were 
> told that all IP addresses would have to be changed. Somehow I get 
> the impression that this is the installers idea, and I'm not quite 
> willing to by into it. I feel that it should be possible to 'plug-in' 
> any properly configured firewall (with the exception of the proxies) 
> and not have to reconfigure machines. 
>       Am I wrong?

If you are using addresses that are not private, and do not belong
to you, then yes, you would (should!) have to change all the internal
IP addresses to what is legal.

There are kludges around it, but it just gets nasty in the long run.

Ask questions.  Find out what and why, then ask the list for an
opinion, I don't think you have given us enough info.  :)

-- 
Erik Van Riper (EV34)                    Systems / Network Administrator
Midway Home Entertainment Inc.                     San Diego, California
(619) 658 9500 (x110)                    
Go player.