TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Fwd: [TCLUG:18127] Firewalled subnet configuration?]



This didn't go yesterday because of a stupid mistake on my part. Let see
if this shows up...

Troy Johnson wrote:
> 
> Ahh! Please excuse my misunderstanding.
> 
> "Thomas T. Veldhouse" wrote:
> > My problem (or dilemna) is that I can not figure out how to get 200.0.0.5
> > and 200.0.0.6 on separate interfaces - and I don't see how because of the
> > network and broadcast address overlapping - or in this case - they simply
> > fall in the same network no matter how you split.
> 
> Yeah, I don't think you can get those two addresses into separate
> networks. Is the router to firewall network shared with other hosts? It
> would be nice to eliminate the need for a routable address on the LAN
> side of the router. Can you change this variable of the problem, or is
> this a constant?
> 
> > I haven't figured out if there is a way to do it with NAT on the router
> > and then NAT on the firewall.
> 
> I think so. Has anyone done multiple layers of NAT? I can't think of a
> reason it would not work, but I am no NATman.
> 
> > Any ideas?  I don't believe that it is actually possible.  If I discard
> > the firewall - then it becomes an easy thing to do.  The firewall is my
> > catch.
> 
> Just those, but I am sleepy. Anyone else?