Re: Firewall question...

Thx for your answer.
Still a little bit confused.
This is the scheme with ip addresses:
 
Internet (Different ISP)
        |
Subnet Y (10.0.0.0/20)
        |
(eth0)-10.0.1.254
Firewall
(eth1)-10.0.1.253
        |
My Subnet(10.0.1.0/24)
        |
(eth1)-10.0.1.1(default route for My Subnet)
Firewall/Router(SNAT)
(eth0)-some real ip address
        |
Internet (My ISP).
 
 
<<What you need to do is make sure the bottom firewall (which I assume is the
default route for the machines in your Subnet 10.0.1.0/24) has a route for
Subnet Y pointing to eth1 as the next hop.
The top firewall just needs to know about the two networks on either side of
it, which is automatic under Linux - it will only need a default gateway of
its own if it needs to contact the Internet for its own reasons (eg DNS?).>>
 
The top firewall box doesn't need to contact the Internet. It will have to forward packets between the interfaces and filter the traffic.
 
Best regards.

