[ previous ] [ next ] [ threads ]
 
 From:  Christoph Hanle <christoph dot hanle at leinpfad dot de>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Will this work
 Date:  Fri, 17 Feb 2006 22:47:03 +0100
Peter Lauda schrieb:
> I haven't got a lot of experience with setting up firewalls but I
> _think_ this will work. Feel free to enlighten me, please.
> 
> I want/need a firewall to sit between an outside world connection and my
> internal network. The catch: ths historical setup is horrible. No
> firewall and systems sitting in the open and barely protected. The only
> way the I can firewall ALL of the systems that need protection, I have
> to do the following:
> 
> Put a firewall at an address (wan side) that is a public address. The
> other (lan side) address will also have to be an address that is within
> the public address space of the wan side.
> 
> A - Is this going to work?
> B - Am I buying more trouble by doing it?

Hi you need a m0n0wall wih three nics, and bridge wan and lan.
take a look in the documentation and mailinglist, there are many 
descriptions for this.

but on the other hand, you should plan to build a clean net with private 
internal IPs and new build PCs and Servers. I can't believe that all the 
PCs and servers are clean.
  "I want/need a firewall to sit between an outside world connection and 
my internal network. The catch: ths historical setup is horrible. No
firewall and systems sitting in the open and barely protected."
This does not look very fine, and it seems to me, that there has been no 
securityconcept.

bye
Christoph
> 
> 
> I have a monowall box about ready to go into place but I'm worried it
> will bring the network down if I am wrong about it working.
> 
> Any advice welcome.
> 
> --p
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
> 

-- 
last words:
"let's make the backup tomorrow"