[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: IP forwarding of public IP with no NATing
Alternatively you could set up your firewall in bridging mode to your DMZ,
which would mean you don't have to spend any IP addresses on it, and further
makes it essentially transparent to the outside world. A useful tutorial on
how to do this appeared a few months ago on daemonnews, the link is here:
The only caveat is that you must pay very close attention to your ipf rules.
I've set up firewalls in this manner and they work splendidly.
> -----Original Message-----
> From: Cedric Berger [SMTP:firstname.lastname@example.org]
> Sent: Monday, July 23, 2001 4:43 PM
> To: Kevin Nottelling; email@example.com
> Subject: Re: IP forwarding of public IP with no NATing
> > > Could someone please tell me what I'm missing?
> > Probably setting up proper static routes for all your networks (on *all*
> > your boxes)
> > If you don't know what I mean, send me the result of
> > "netstat -nrf encap"
> That was "netstat -nrf inet", sorry.
> > a "tcpdump -pni <internal_interface>" would be interresting too.
> > Cedric