Firewall Wizards mailing list archives
strange firewall setup
From: Arc Angel <fwizlist () yahoo com>
Date: Wed, 7 Jul 1999 12:16:20 -0700 (PDT)
I was at a customer site recently doing something only vaguely related to their firewall, and was totally baffled. I don't understand why it worked. Naturally, me being the consultant, I didn't want to ask them. It looked a little like the diagram below. IP addresses have been changed; onsite they are legitimate addresses. |---------------| |-----| |----------------------------------------| | router | | | | Cisco Pix Firewall | | 192.168.0.1 |----| Hub |----| Ext IP Unknown Int IP 192.168.0.20 | | 255.255.252.0 | | | | (by me) NM 255.255.252.0 | |---------------| |-----| |----------------------------------------| | |-----| | Hub | | (~~~~~~~~~~~~~~~~~~~~~~~~~~~) ( Internal network ) ( 192.168.0.0:255.255.252.0 ) (~~~~~~~~~~~~~~~~~~~~~~~~~~~) In other words, everything on the entire network was using 192.168.0.0/22, including the router *and* the firewall. But, physically, the router was on the other side of the firewall. And the router (192.168.0.1) was the default route for all the hosts on the internal network. How could this work? Would the firewall have to ARP as 192.168.0.1, but then know to forward? Thanks, wizards. _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com
Current thread:
- strange firewall setup Arc Angel (Jul 12)
- RE: strange firewall setup Thomas Crowe (Jul 13)
- Re: strange firewall setup Bill Pennington (Jul 13)
- <Possible follow-ups>
- RE: strange firewall setup Martijn Berlage (Jul 13)
- Re: strange firewall setup Robert Graham (Jul 13)
- RE: strange firewall setup LeGrow, Matt (Jul 13)
- Re: strange firewall setup Robert Graham (Jul 15)