Bret J Esquivel wrote:
Hi,
I have a cable modem at my office with a /28 allocated. I have a FreeBSD 6.1
firewall/router in between the cable modem and the switch to other nodes. My
question is how could I add static routes to say my web server having an
external IP address but still going through the firewall box? NAT is not an
option.
INET (70.164.48.225/28) -> [xl0] Firewall (70.164.48.226) [xl1] -> [xl0] Web
server (70.164.48.227)
Only really one choice if you really don't want NAT (i've run web
servers with a static nat many times though so i wouldn't rule it out if
i were you)
Routing wouldn't work in this scenario as you dont have enough control,
you would have to bridge the interfaces on your firewall. man if_bridge.
Bridging xl0 and xl1 on your firewall will make it act like a 2 port
hub, but pf ,ipfw and ipf can still filter packets going across it.
Personally in this situation i'd just add the IPs to the freebsd box and
set static NATs up for anything that needs to be externally visible but
a bridging firewall should work too.
Vince
Thanks in advance.
Bret
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
