mailing list archives
Re: Firewall on the same subnet
From: Luca Berra <bluca () comedia it>
Date: Sun, 5 Nov 2000 19:20:42 +0100
On Thu, Nov 02, 2000 at 02:36:38PM +0100, Ivo Janssen wrote:
In my case, an incoming ADSL line delivers a UTP cable that outputs
traffic for our whole assigned C class subnet (let's say 1.1.1.x)
Normally, I would just plug that into a switch and connect the 256
machines to it. But I want to put a firewall in between.
So my situation will be: (scenario 1)
ADSL-ISP ----- DSLAM-port ----- firewall ---- internal network
<- external networks ->|<- 1.1.1.x network ->
1) you talk your adsl isp into putting a static route
for 220.127.116.11/24 thru your firewall
2) you use proxy arp
3) you set the external interface of the firewall in promisc.
which one is uglier?
Luca Berra -- bluca () comedia it
Communication Media & Services S.r.l.
firewall-wizards mailing list
firewall-wizards () nfr com