hi all,
I'm having a problem installing the valid addresses rules on the interfaces
of my fw1
solaris x86 box. My network looks like this:
isp --->bri0---cisco 25xx--ethernet0 198.30.14.254 (255.255.255.0) ----> \
--->fw1 cnft0 198.30.14.1 (255.255.255.0).....pcn0 10.1.1.1(255.255.255.0)
---> \
---->cisco 45xx enet1 10.1.1.254 (255.255.255.0)....enet 0 198.30.12.254
(255.255.255.0)
also has frame in from several 10.xx.xx. nets and clas.c.nets
I have defined a network for each internal class c and the 10 network
I have defined a network for the legal class c 198.30.14.
I have defined a group which contains the above network objects (transnet).
I thought that the valid addresses for the internal fw interface (pcn0) s/b
"transnet" and for the external interface "others+class.c.net1.254" the
isdn router.
putting this in place effectivly stops all traffic.
am I being a dunce ?
ps does anyone else think that fw1, solaris and docs written in that style
(eg legato)
are awful ? all the how and none of the why !
------------------------------------------------------------------------
Martin C. Walker martinw @
epcorp .
com
Project Lead Voice: (513)629-2517
Eagle-Picher Industries Fax: (513)629-2449
580 Walnut St, Cincinnati, OH 45202
|
|
