Hmmmm....
I am at a total loss, maybe I am missing something but this seems so basic...
Few questions
1. Are the IP addresses Internet legal or illegal?
2. If illegal, are you running NAT?
3. If legal, why??? (IE, NAT would be better UNLESS the NT box is a server
that needs INCOMING traffic. Which really can't be the case IF the NT box
is a DHCP client!)
4. IF you want to be SO restrictive as to PICK and CHOOSE sites, just allow
all outgoing traffic access to AO-Hell's IP address range. Disallow all
incoming traffic... Done...(You want to explicitly deny so you can log!)
Of course it's easier to allow all outgoing and no incoming!
IF the point is that only a few people have I-Net access, then use
Firewall-1's Secure Client to authenticate......
Why do you want to be that restrictive with access???
How much detail do you need?
Did this help at all?
At 04:44 PM 6/9/97 -0400, Donald Branch wrote:
>
>Let me restate my previous DHCP and firewall 1 Question.
>
>I have a Windows NT machine running DHCP I want to be able from
>that one machine to be able to get out to AOL but since its IP
>address keeps changing I can't make a rule based on his ip address.
> I do not want to open up the port that AOL uses to the world just
>one machine. Any one have any ideas would be appreciated.
>
>
>
> Donald Branch
>
> Unix Sys Admin