EFW Support

Support => General Support => Topic started by: bucrepus on Friday 16 July 2010, 03:11:19 am



Title: Firewall transparent
Post by: bucrepus on Friday 16 July 2010, 03:11:19 am
Is this firewall transparent (transparent mode or bridge), or is a NAT required? I thought about hooking it up between our corp LAN gateway and workstations.
I tried to assign 172.18.6.2/24 and 172.18.6.1 GTWY as the red and 172.18.6.3 as the green, but it said they had to be on different network segments. Any ideas?
Changing the GREEN to something else like 192.168.0.x and changing the workstations to this address scheme works, but I need to leave the workstations on the 172.18.6.x network (transparent).

INTERNET /T1 ---   CORP GATEWAY (172.18.6.1)      ---   ENDIAN   --- SWITCH --- WORKSTATIONs (172.18.6.x)

Thanks
BUC


Title: Re: Firewall transparent
Post by: DFen on Saturday 17 July 2010, 10:58:53 pm
Hi bucrepus

I think the issue here is that you need to route traffic through the firewall - thus red and green need to be on different subnets.

If the corporate gateway is 172.18.6.1 then the red subnet could be 172.18.6.0/30 with the red IP set to 172.18.6.2.

If you need the remainder of the /24 to be on Green then you need multiple subnets defined on Green:

172.18.6.4/30
172.18.6.8/29
172.18.6.16/28
172.18.6.32/27
172.18.6.64/26
172.18.6.128/25

You may be able to do this through the network->routing->static interface (I haven't tried).
However, it can be defined manually using "ip route" commands on device br0.
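
The subnet split suggested in the reply above can be checked mechanically. The following is an added example, not part of the original posts: it derives the Green blocks as the /24 minus the Red /30, classifies addresses by zone, and builds route lines. The function names and the sample workstation addresses are constructed for illustration, and the `ip route add <net> dev br0` form is an assumption about how the routes would be entered.

```python
import ipaddress

# Addresses taken from the thread; helper names are this example's own.
LAN = ipaddress.ip_network("172.18.6.0/24")
RED = ipaddress.ip_network("172.18.6.0/30")


def green_subnets(lan, red):
    """Return the minimal CIDR blocks covering `lan` minus `red`, sorted."""
    if not red.subnet_of(lan):
        raise ValueError(f"{red} is not inside {lan}")
    return sorted(lan.address_exclude(red))


def zone_of(addr, red, greens):
    """Classify an address as 'red', 'green' or 'outside' the plan."""
    ip = ipaddress.ip_address(addr)
    if ip in red:
        return "red"
    if any(ip in net for net in greens):
        return "green"
    return "outside"


def route_commands(greens, dev="br0"):
    """Build one route line per Green block (assumed command form)."""
    return [f"ip route add {net} dev {dev}" for net in greens]


if __name__ == "__main__":
    greens = green_subnets(LAN, RED)
    print("Green blocks:", ", ".join(str(n) for n in greens))
    usable = sum(n.num_addresses for n in greens)
    print(f"Addresses left for Green: {usable} of {LAN.num_addresses}")
    # Gateway and Red IP from the thread, the Green IP first tried by the
    # original poster, and two constructed workstation addresses.
    for host in ["172.18.6.1", "172.18.6.2", "172.18.6.3",
                 "172.18.6.50", "172.18.6.200"]:
        print(f"{host:>13} -> {zone_of(host, RED, greens)}")
    print("\n".join(route_commands(greens)))
```

Any existing workstation or Green interface address in 172.18.6.0 to 172.18.6.3 falls inside the Red /30 under this plan and has to be renumbered.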