[ previous ] [ next ] [ threads ]
 
 From:  Lee Sharp <leesharp at hal dash pc dot org>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Double firewall
 Date:  Sun, 23 Feb 2014 16:43:37 -0600
On 02/23/2014 03:19 PM, Joschka Blohm wrote:
> Thanks Lee for your reply. :)
>
> I just understood half of it maybe because I'm a non-native speaker, but
> I can guess what your point is.

Let me be a little more clear, then. :)

Klaus is doing it in series.  You go through one first, and then the 
other.  If one fails, all fails, unless you physically change things.

I am saying go through one OR the other.  Example...

Shophos LAN 192.168.1.1/24
m0n0wall LAN 192.168.1.2/24
Plug both into the same switch to your LAN.

Sophos WAN 4.2.2.2
M0n0wall WAN 4.2.2.3
Plug both into the same switch on your WAN from ISP.

Run DHCP on Sophos only.  DHCP clients see Sophos as gateway, and all 
devices on LAN. (Including m0n0wall)  For servers with Static IPs, point 
them at m0n0wall.  They will use m0n0wall as a gateway, and still see 
everything on the LAN, including the sophos.  Both routers are reachable 
from the outside.

			Lee