Firewalls: Re: Your Message Sent on Tue, 4 Nov 1997 11:56:45 +0530 (IST)

Firewalls
(November 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Your Message Sent on Tue, 4 Nov 1997 11:56:45 +0530 (IST)
From:	varmav @ verisign . com (Vik Varma)
Date:	Wed, 5 Nov 1997 09:31:59 -0800
To:	Firewalls @ GreatCircle . COM, murthy @ sparc03 . barc . ernet . in

> Hello Sirs!
> 
> We have a class `C` internet address space at our disposal. I want to
> split into two subnets and connect them using firewall. I want to keep
> important systems like DNS and MAIL server on the subnet outside firewall
> which will have direct internet access. Hosts inside fire wall should have
> internet access for all applications, whereas internet hosts should be
> prevented from accessing hosts on subnet inside firewall. MAIL server
> 
> Does anybody know how to configure linux FWTK for this setup

Is there a reason you want a valid class C address space inside your firewall? 
Why not just use one of the private class C addresses specified in RFC 1918? 
This is typically what you want to do, using the firewall box as your gateway to 
the world and have it perform NAT (via proxies) on all external services.

--
Vik Varma				VeriSign, Inc
System Administrator			(650) 429-3352
Operations, Information Systems		Vik .
 Varma @
 verisign .
 com

Follow-Ups:

Re: Your Message Sent on Tue, 4 Nov 1997 11:56:45 +0530 (IST)
From: "c.s.r.murthy" <murthy @ sparc03 . barc . ernet . in>

Indexed By Date	Previous:	NT Server Security From: jonathan tobin/DBK <dyabolyk @ dyabolyk . com>
Indexed By Date	Next:	Re: Hijak detection From: Jason Keimig <jkeimig @ idir . net>
Indexed By Thread	Previous:	RE: Info about v-one products? From: Rachel Zedeck <rzedeck @ eni . net>
Indexed By Thread	Next:	Re: Your Message Sent on Tue, 4 Nov 1997 11:56:45 +0530 (IST) From: "c.s.r.murthy" <murthy @ sparc03 . barc . ernet . in>