Hello firewalls list readers,
I have a client who has an IP network based on a non-registered B class
address. They wish to connect to the Internet and can either:
1. Apply for a block of C class addresses (they cannot justify an official
B class address), allocate one C class address as the Internet access point,
and install a firewall of some sort.
or
2. Apply for a single C class address and use it as their Internet access
point, and install a firewall system that includes a box that connects the
official network to the unofficial network. This box would not advertise
routes and may need to have proxy services for telnet, ftp, etc.
Option 1 represents the usual environment into which firewall systems are
deployed, however, reassigning IP addresses would represent considerable
disruption to the client.
What (if any) are the firewall implications associated with adopting Option
2?
Any comments/suggestions/advice welcome.
Chris Rhodes
Hewlett-Packard, Sydney, Australia
Internet Address: Rhodes_Chris/hp9061 @
hpausa1 .
aus .
hp .
com
Follow-Ups:
|
|
