Firewall Wizards mailing list archives
RE: Adding 2ndary IP to IPSO
From: "Babatunde A Jayeju-akinsiku" <jayeju () blueyonder co uk>
Date: Fri, 23 May 2003 16:12:18 +0100
Barney I have 32 public addresses on a 64kps line (upgrade is already in the pipeline). some of the addresses have already been ported to other firewalls. I am trying to port some services to different IP addresses on the checkpoint (plan is to do away with the other firewalls and put everything behind the checkpoint). the need to use different IP is to be able to manage bandwidth, services & traffic I am not allowed to use public IP addresses on internal servers even if it is passing through the firewall. Now going to your suggestion of using 255.255.255.255 as netmask I can see the reason why it'll work but isn't there any security implication of doing that? thanks Baba -----Original Message----- From: Barney Wolff [mailto:barney () databus com] Sent: 22 May 2003 05:00 To: Baba Jayeju Cc: firewall-wizards () nfr net Subject: Re: [fw-wiz] Adding 2ndary IP to IPSO On Wed, May 21, 2003 at 03:10:35PM -0000, Baba Jayeju wrote:
Guys, i am having problems adding a secondary IP address to an interface on a NOKIA 350 box running checkpointFW-1 FP2. The problem is that this IP address is on the same subnet as that of the external interface. (i know it is doable as i have done it on other platforms) has anyone come accross similar problems and what was the workaround.
I'm not sure exactly what you're asking. If the problem is to add a second address on the same subnet that the first address of the interface is on, use a netmask of 255.255.255.255 - that works on FreeBSD, and so I suspect it will work on the Nokia. If instead you want to transparently bridge the external subnet to an internal interface, someone else will have to answer for fw1. Why is it that you need to do that? -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Adding 2ndary IP to IPSO Baba Jayeju (May 22)
- Re: Adding 2ndary IP to IPSO Barney Wolff (May 23)
- RE: Adding 2ndary IP to IPSO Babatunde A Jayeju-akinsiku (May 24)
- Re: Adding 2ndary IP to IPSO Barney Wolff (May 24)
- RE: Adding 2ndary IP to IPSO Babatunde A Jayeju-akinsiku (May 24)
- <Possible follow-ups>
- RE: Adding 2ndary IP to IPSO Pieper, Rodney (May 24)
- RE: Adding 2ndary IP to IPSO Babatunde A Jayeju-akinsiku (May 24)
- Re: Adding 2ndary IP to IPSO Barney Wolff (May 23)