TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TCLUG:10864] IP Masquerading



> I would suggest a different approach.  Have a box with three interfaces,
> One to the outside world, one to your "internet servers", and one to your
> "clients".  (add a fourth if you want to firewall the "servers" away from
> the "clients" on top of the "outside world" and the "internet servers")
> Now mind you, keep this all PCI and on a decent box, cause its gonna have
> a ton of ipchains rules to parse per packet.
>
> Scott Dier <dieman@ringworld.org> #nicnac@efnet 612.301.0265
>       destiny's admin       | The first thing we do,
>  http://www.ringworld.org   |  let's kill all the lawyers.
> finger me for gnupg/pgp key |   -- Wm. Shakespere, "Henry VI"
>

Scott,

I brought this idea to my boss, and he loved it.  I convinced him to modify
our topology,
so all our servers on the 205 subnet are on one hub, the 192 subnet on a
second, and the world
off the third.

I'm pumped....

Maybe I can get this Firewall up and running, now that I'll have a 'normal'
topology to deal with....

YAY!!!!

Brian J. Ackermann