I have an interesting situation here at work that you might be able to help
me out with...
I currently am administering two IP net domains in our office. One domain
is for corporate connectivity; the other is a part of our customer's network
via a bridge. The two domains reside on separate segments, with a Novell
server in the middle. IP traffic is not routed through Novell, thus it is
acting as a simple firewall (no IP traffice of any kind allowed between
the two segments). Here is a really crude ASCII picture:
Customer network ------- bridge -- Customer LAN segment - Novell
Corporate LAN segment
Corporate router ----------------------
What we would like to move to is this:
Customer network --- FIREWALL scheme --- LAN --- Corporate router
This would eliminate the need to administer two separate IP domains,
which would give us some much-needed autonomy. The firewall setup has
to be able to support the standard connectivity tools (telnet, ftp,
X, SMTP, HTTP, NNTP, etc.), AND support IPX and SQL*Net traffic as
I am sorry... forgot to mention that we would desire an application
gateway design as firewall of choice. I also should make it explicit
that the firewall would be acting as a gateway between our net and
the customer's in the proposed scheme; we have our own class C, and
intend on moving all systems in the office to that domain.
I would guess that a person could set up a "plug" gateway to allow
SQL*Net traffic to pass, but would like to confirm that. I am also
having a difficult time finding a tool/product that would support
IPX traffic as well.
Does anyone have any tips, suggestions, etc. on what we should be
looking for? Any help would be greatly appreciated. If you need more
details, please mail me and I'll let you know how we fell into the
mess we're in now :-). I hate inheriting networks sometimes :-(.
This network scheme has grown like a noxious weed, and will probably
have to be pulled up by the roots to be killed :-P.
I plan on posting a summary on my findings.
John Bell, CACI Inc. - Federal
Bloomington, Indiana (Midwest RE-Engineering Division)
mil -OR- jbii @
"Hi ho! Yow! I'm surfing ARPANET!"
- anagram for "The Information Superhighway"