On 2001.11.27 15:53 Benjamin Stocker wrote: |I maintain a small Hosting center with 6 webservers, fax, pop3-mail. |etc. I only have one C Subnet! I would like to protect my servers with |a |iptables firewall. Unfortunately, it seems to be odd to put the fw AND |the servers in the same subnet. | |It seems to be possible to install two NIC's in the firewall and point |one of them to the Net, the other to the webservers, but both |configured |for the same subnet. But that configuration seems to be rare and I |cannot find documentation about it. Check this out http://www.linuxdoc.org/HOWTO/Firewall-HOWTO-3.html#ss3.2 I would imagine you'll want to set something up akin to the 'Single Router Architecture' described here. Basically you'll sit your firewall behind your router, and have all your machines behind pointing to it as a default route. You will need 2 NICS, probably assign the internal interface of the firewall xxx.xxx.xxx.254 as is the usual convention, although your ISP may have already assigned this to the external interface? Sketch something out and post it up first if you are unsure. HTH Tom ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message.
