dgilleece@optimumnetworks.com
2002-Jan-12 21:42 UTC
[Shorewall-users] Routable Adresses on Private LAN (WAS: AD-Filter?)
Sorry for incorrect title. I used reply, and thought I had changed it :/ It something is also freaking out on my end...I have 6 copies of my original message forwarded back to me... ----- Forwarded message from dgilleece@optimumnetworks.com ----- Hi all, I am in the process of setting up a firewall to protect a range of 128 routable addresses. They need to be routable because of this client''s need to access multiple-vendor VPN systems, using both client-to-subnet connections and subnet- to-subnet connections, mostly in aggressive mode; thus, likely to be broken by NAT. The documentation and my web searches have shown little in they way of example configurations, and not much general discussion on the approach. I realize the NAT''d private address approach is more prevalent, but I''d appreciate some background perspective from anyone has implemented such a setup. My questions: 1. Are there any example configurations around for this type of setup? 2. Is the implementation simply a matter of leaving the NAT settings off and supplying the proper internal range? 3. Are any additional/different rules necessary or advisable in such a system? 4. Any other issues a relative newcomer should be aware of, or background docs anyone might point me to? Many thanks, Dan ----- End forwarded message -----