Mario Biron <mario @
almerco .
ca> wrote:
"I tried both method and decided to go with masquerading...."
Yeah, that's probably the best way, I guess I was trying to
avoid setting up the masquerade.....I guess it's just one
more thing to figure out!
I guess it goes on the internal router....right?
-inet
-outer router (pipeline 50 running secure access software for flexible IP
filters)
-perimeter net with bastion host as above (I guess I'll need to subnet my
class C in
half to make the IP filter rules work for the three networks.
- inner router (another stripped down bastion host Debian linux machine)
^^^^^^^^^^^^
||||||||||||
- inner network - my hosts and internal mail hub/DNS.
Henry Hollenberg speed @
barney .
iamerica .
net
|
|
