TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [TCLUG:11644] firewall packages
Yep, that's pretty much what I had in mind. And being the visual person that I
am, the ASCII art is quite helpful :-)
Dave Sherman
Troy Johnson wrote:
>
> Dave,
>
> Dave Sherman wrote:
> > If I do the above, would I then register a domain and give the registered IP to
> > the firewall? I'll keep reading, but if anyone knows this off-hand...
>
> To illustrate one simple way to do it would be this:
>
> 10bT 10bT
> ---------[firewall]---------------------[your clients]
> a.b.c.d e.f.g.h | m.n.o.p
> |
> L----------[AS/400]
> q.r.s.t
>
> You are right in that the external interface of [firewall] would get the
> registered domain name address (a.b.c.d), and the internal addresses
> (e.f.g.h, m.n.o.p, and q.r.s.t) would all be on a private network
> (192.168.x.x, 172.16.x.x, or 10.x.x.x). [your clients] would use e.f.g.h
> as a gateway address, as would [AS/400], and [firewall] would IP Masq
> their addresses. Packets coming to the port a.b.c.d:80 would be
> forwarded to q.r.s.t:80 on [AS/400].
>
> Example network addresses would be:
> a.b.c.d = 123.123.123.123
> e.f.g.h = 192.168.1.254
> m.n.o.p = 192.168.1.3 (through 192.168.1.253)
> q.r.s.t = 192.168.1.2
>
--
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCS/O d- s+: a C++ UL/US>$ P++ L+>++++ E- W+++(--) N+ o? K- w++(---) O@ M V?
PS@ PE Y+ PGP- t+ 5+++ X+ R+ tv+ b++ DI+ D+ G e++(*) h--- r+++ y+++
------END GEEK CODE BLOCK------