Firewall Wizards mailing list archives

RE: Classes of firewalls (based on IP utilization)


From: Todd Barlow <todd () lightspeedsystems com>
Date: Mon, 26 Feb 2001 12:24:37 -0800

I would suggest a Firewall that will allow for "bridging" between two (or
more) Interfaces.
In this mode, both Interfaces can be on the same subnet (but different
network segments) and don't route traffic, only "bridge" it (layer-2) across
segments.

There may be other solutions, but this sounds easiest.

Todd Barlow
Lightspeed Systems, Inc.
ph: 661.324.4291
http://www.lightspeedsystems.com


-----Original Message-----
From: list tracker [mailto:list_tracker () hotmail com]
Sent: Sunday, February 25, 2001 02:43 AM
To: firewall-wizards () nfr com
Subject: [fw-wiz] Classes of firewalls (based on IP utilization)



So far, I have created the following types of firewalls:

1. One subnet (or even one IP) on the external interface, and another subnet
of fake IPs on the internal, using NAT one <--> many.

2. One subnet of real IPs on the external, and one subnet of real IPs on the
internal, with a next-hop route from the external subnet to the internal
(said next hop route is set up on the router the firewall connects outwards
to)

I am wondering what can be done if I want to use ONLY real IPs, but I also 
only want to use ONE subnet.  If I have a /24, with no subnets, and the 
router is .1, and the FW external is .2, and the FW internal is .3 and 
workstations are .4 - .254 ... is there a way to work this?
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards
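
The bridging approach suggested in the reply, sketched as an nftables ruleset for a Linux box acting as a layer-2 firewall inside a single /24. This is an added example, not part of the original thread; the interface names, the 192.0.2.0/24 range (standing in for the poster's /24) and the one permitted inbound service are assumptions made for illustration.

```nftables
#!/usr/sbin/nft -f
# Added example with constructed values, not taken from the thread.
# Assumptions:
#   eth0 = bridge port facing the router (192.0.2.1)
#   eth1 = bridge port facing the workstations (192.0.2.4 - 192.0.2.254)
#   eth0 and eth1 are already ports of one Linux bridge and carry no IP
#   addresses, so the separate .2/.3 firewall addresses are not needed.

# Create-then-delete so the file can be reloaded without duplicating rules
table bridge fw
delete table bridge fw

table bridge fw {
    chain forward {
        type filter hook forward priority 0; policy drop;

        # ARP must cross the bridge, otherwise hosts on one segment
        # cannot resolve the MAC of the router or of each other
        ether type arp accept

        # Anti-spoofing: workstation addresses must only appear as a
        # source on the inside port, and nothing else may originate there
        iifname "eth0" ip saddr 192.0.2.4-192.0.2.254 drop
        iifname "eth1" ip saddr != 192.0.2.4-192.0.2.254 drop

        # Stateful filtering on a bridge (assumes Linux 5.3 or later,
        # which added connection tracking for the bridge family)
        ct state invalid drop
        ct state established,related accept

        # Workstations may open connections outward
        iifname "eth1" oifname "eth0" ct state new accept

        # Inbound: a single constructed exception, SSH to 192.0.2.10
        iifname "eth0" oifname "eth1" ip daddr 192.0.2.10 tcp dport 22 ct state new accept

        # Anything else, including non-IPv4 frames, is logged and then
        # dropped by the chain policy
        log prefix "br-fw drop: "
    }
}
```

Because the filtering happens in the bridge forward path, the router and workstations keep their addresses and default gateway unchanged; only the cabling places the firewall between the two segments.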

