Chris Buechler wrote:
>On Wed, 19 Jan 2005 10:28:08 -0330, Anthony Paul <anthonypaul at gmail dot com> wrote:
>>I don't think this works if you are using AD on your network.
>>I appreciate there are a number of workarounds that work to varying
>>degrees, and have varying degrees of upkeep, varying degrees of
>>configuration complexity, but as one of the above posters said, it's
>>frustrating that every $20 router on the market can do this - no
>But a $25K Cisco PIX *can't* do it. there are other commercial
>firewalls with the same limitation. So I wouldn't moan too much about
>it. your $20 routers also aren't real firewalls, don't support
>multiple public IP's and advanced NAT configurations, etc. Overcoming
>it is a lot easier when you can only have one possible public IP and
>have very minimal flexibility in configuration.
>There are bounce utilities that'll get around this problem. If it
>bugs you that much, find one and figure out how to configure it to get
This isn't really a matter of m0n0 or the PIX or anything else NOT doing
something, it is in fact a matter of them doing what they're designed to
do. That happens to be prevent spoofing of IP addresses to allow entry
through the firewall. If you'd like to disable that protection, then
m0n0 and the PIX, and any other firewalls which provide this protection
can step down to the level of that $20 router. Did you catch the name
difference there? Firewall and router. Not the same thing. The only
protection you get from the router is the fact that you're doing NAT
which reduces your exposure by some level. There is no other protection
provided in the $20 router.
That said, I'm running SBS2003 behind mine, and the host file hacks work
just fine. Multiple websites, separate mail server, etc., all with no
problem. I'm sure that it is DNS configuration 99% of the time if it
doesn't work. Of course, with 2003 stuff, any network connectivity is
99% DNS related it seems. :)
Sleepy Dragon Enterprises
Do not meddle in the affairs of dragons, for
you are crunchy, and taste good with ketchup!