Suresh Kumar R wrote: > Hi, > > I am trying to setup a linux (debian potato, kernel > 2.2.19) box as a firewall . I have 3 nics on it. > > First one(210.212.236.97) connected to my cisco > router. 2rd card (eth1) to internal lan with pvt ips. > Third(eth2) (210.212.236.113) one to a hub which > connects to my machines with public ips (my dmz).my > dmz has proxy/mail/web servers.
Suresh, I set up a similar configuration a while ago. After running into a variety of problems, I posted my solution here: http://lists.debian.org/debian-firewall/2001/debian-firewall-200105/msg00080.html Since your DMZ addresses are part of the same subnet from your ISP as your "external" address, you have to use something like proxy ARP to help the firewall box know where the DMZ addresses are. There are also other alternatives that I outline in the posting above. HTH Stan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
