[OT] Corporate Firewall -- NAT/PAT != bridging/routing with inspection

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Adam Gibson <agibson@xxxxxxx> wrote:
> M0n0wall is a freebsd based system but it does support a
> public IP DMZ/Service interface.  You have to enable 
> advanced NATing.

Layer-3/4 Source and Destination NAT/PAT (network/port
address translation) is _not_ the same as layer-2 bridging or
layer-3 routing between networks and inspecting the packets
then.  I think he's looking for layer-2 bridging or layer-3
routing, not SNAT/DNAT.

IPCop does SNAT/DNAT, and can translate multiple public IPs
into private ones -- LAN, 2nd LAN (e.g., WLAN), DMZ, etc...
as well.  1:1 (NAT-only), 1:Many, Many:1.  Not the same as
inspecting frames/packets as they pass through a true layer-2
bridge, or a layer-3 router.

> Remote updating of the firmware/software is a big plus too.

As with IPCop.



-- 
Bryan J. Smith                | Sent from Yahoo Mail
mailto:b.j.smith@xxxxxxxx     |  (please excuse any
http://thebs413.blogspot.com/ |   missing headers)

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux