Subject: Re: IPF
To: Amergin <amergin@wwa.com>
From: Manuel Bouyer <bouyer@antioche.eu.org>
List: netbsd-users
Date: 10/10/2001 21:40:31
On Wed, Oct 10, 2001 at 12:38:55AM -0500, Amergin wrote:
> 
> I've run into a problem setting up an ipf firewall for a friend. He's got a
> block of addresses assigned to him. And I've just noticed, while setting
> it up, the addresses he picked for the firewall. Both are on the
> same subnet. The internal net will also be on the same subnet as the
> outside interface.
> 
> Now is it me, or can I not set up the firewall this way? It does not seem
> correct logically. And if I do separate the nics onto separate nics, I
> will lose 2 needed addresses, unless I'm mistaken.
> Any and all advice appreciated.

I think the solution for this is to config all addresses to the outside
interface (using interface aliases), use a private address class for the
LAN and use NAT/RDR to redirect each IP to the right host.

--
Manuel Bouyer <bouyer@antioche.eu.org>
--
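
The layout suggested in the reply above, sketched as configuration. This is an added example, not part of the original message. The interface names (fxp0 outside, fxp1 inside), the 203.0.113.0/28 public block, the 192.168.1.0/24 LAN and the host assignments are all constructed assumptions.

```conf
# --- /etc/ifconfig.fxp0 (outside interface; all addresses are constructed) ---
# Primary public address, then every other assigned address as an alias.
inet 203.0.113.2 netmask 255.255.255.240
inet 203.0.113.3 netmask 255.255.255.255 alias
inet 203.0.113.4 netmask 255.255.255.255 alias

# --- /etc/ifconfig.fxp1 (inside interface, private addressing) ---
inet 192.168.1.1 netmask 255.255.255.0

# --- /etc/ipnat.conf ---
# One public address tied one-to-one to an internal host, both directions.
bimap fxp0 192.168.1.10/32 -> 203.0.113.3/32

# One public address where only a single service is redirected inward.
rdr fxp0 203.0.113.4/32 port 80 -> 192.168.1.11 port 80 tcp

# Everything else on the LAN shares the firewall's primary address outbound.
map fxp0 192.168.1.0/24 -> 203.0.113.2/32 portmap tcp/udp 40000:60000
map fxp0 192.168.1.0/24 -> 203.0.113.2/32

# --- /etc/ipf.conf (fragment) ---
# Inbound packets are translated before ipf filters them, so rules on fxp0
# match the private destination address, not the public alias.
block in on fxp0 all
pass in quick on fxp0 proto tcp from any to 192.168.1.11 port = 80 flags S keep state
pass out quick on fxp0 proto tcp from 192.168.1.0/24 to any flags S keep state
pass out quick on fxp0 proto udp from 192.168.1.0/24 to any keep state
```

With this arrangement no public address is spent on a second subnet: each one lives on the outside interface and is handed to an internal host only through a NAT rule.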