Home page logo

firewall-wizards logo Firewall Wizards mailing list archives

Re: Firewall on the same subnet
From: Luca Berra <bluca () comedia it>
Date: Sun, 5 Nov 2000 19:20:42 +0100

On Thu, Nov 02, 2000 at 02:36:38PM +0100, Ivo Janssen wrote:
In my case, an incoming ADSL line delivers a UTP cable that outputs
traffic for our whole assigned C class subnet (let's say 1.1.1.x)
Normally, I would just plug that into a switch and connect the 256
machines to it. But I want to put a firewall in between.

So my situation will be: (scenario 1)

  ADSL-ISP ----- DSLAM-port -----  firewall ---- internal network
       <- external networks ->|<- 1.1.1.x network ->

1) you talk your adsl isp into putting a static route
for thru your firewall

2) you use proxy arp

3) you set the external interface of the firewall in promisc.

which one is uglier?


Luca Berra -- bluca () comedia it
    Communication Media & Services S.r.l.

firewall-wizards mailing list
firewall-wizards () nfr com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]