Re: [FW1] FW with subnetted network
Hoang,

If the Net 1 clients don't know where to route and they send to the router, the router is either going to send a redirect or forward the packet itself (both?). This will have the effect of adding traffic that is unneeded to your network. If this network is small, then it's not a big deal.

I would make the default route for net 2 clients, the router and for net 1 clients, the fw. If you have a DHCP environment, this is easy to change. If you have to hand change, then either leave alone, change them all at once or change them when you need to do something else to the client (consolidated changes).

As for adding routes to your fw, you should only need to add 192.168.2.0 to the fw route table. The 192.168.1.0 net can be reached directly.

Robert

- -
Robert P. MacDonald, Network Engineer
Team Lead, e-Business Infrastructure
G o r d o n F o o d S e r v i c e
Voice:email: [email protected]

>>> "Hoang" <[email protected]> 11/21/00 12:58:23 PM >>>
>
>Hi Folks.
>
>I have this running for a while now, and this is a sanity check. Here is my
>setup.
>
>I have two internal networks split up by a router. The addresses are:
>192.168.1.0 for net 1, and 192.168.2.0 for net 2. The router interfaces have
>IPs of 192.168.1.1 and 192.168.2.1 for the two networks. My workstations
>are using the router's IPs as the gateway addresses.
>
>My FW-1 internal interface is 192.168.1.2 and sitting on net 1. I have set
>my router to forward all packets (that it cannot route) to the FW-1
>interface. I have added network 1.0 and 2.0 to my FW-1 routing table.
>
>Net 2 ---------Router----------Net 1
>                                 |
>                                 |----FW-1--------Border router----------the World.
>
>Question is am I doing it right? NAT is working OK for both Networks. My
>user can surf the Net OK. My consultant suggests I set my workstations to
>use 192.168.1.2 (FW interface) as the gateway. The chances of bringing down
>a FW (for upgrade, patches, crashes) are greater than the router. That
>would disrupt operation quite often.
>
>What would you think?
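
The routing behaviour discussed in this thread, as an added example that is not part of the original messages: a small Python model of the router and the firewall that traces a packet hop by hop and reports which device meets the ICMP redirect condition. The addresses are the ones given in the thread; the /24 masks, the `border` next-hop label and the sample host and external addresses are assumptions.

```python
import ipaddress as ip

# Addresses come from the thread; the /24 masks, the "border" label and the
# sample hosts used in the demo are assumptions made for this example.
NET1, NET2 = ip.ip_network("192.168.1.0/24"), ip.ip_network("192.168.2.0/24")
DEFAULT = ip.ip_network("0.0.0.0/0")
ROUTER_N1, ROUTER_N2, FW = "192.168.1.1", "192.168.2.1", "192.168.1.2"

def topology(fw_has_net2_route=True):
    """Interfaces and static routes of the router and the firewall."""
    fw_routes = {DEFAULT: "border"}
    if fw_has_net2_route:
        fw_routes[NET2] = ROUTER_N1  # the one route the reply says the fw needs
    return {
        "router": {"ifaces": {ROUTER_N1: NET1, ROUTER_N2: NET2}, "routes": {DEFAULT: FW}},
        "fw": {"ifaces": {FW: NET1}, "routes": fw_routes},
    }

def trace(first_hop, arrived_on, dst, topo):
    """Follow a packet hop by hop; return (path, redirect_by).
    redirect_by lists devices whose next hop sits on the network the packet
    arrived from, which is the condition for sending an ICMP redirect."""
    dst = ip.ip_address(dst)
    owner = {a: name for name, dev in topo.items() for a in dev["ifaces"]}
    path, redirect_by, hop = [], [], first_hop
    for _ in range(8):  # hop limit guards against a routing loop
        if hop == "border":
            return path + ["border"], redirect_by
        name = owner[hop]
        dev = topo[name]
        path.append(name)
        if any(dst in net for net in dev["ifaces"].values()):
            return path + [str(dst)], redirect_by  # directly connected
        best = max((p for p in dev["routes"] if dst in p),
                   key=lambda p: p.prefixlen)  # longest-prefix match
        hop = dev["routes"][best]
        if hop != "border":
            hop_net = NET1 if ip.ip_address(hop) in NET1 else NET2
            if hop_net == arrived_on:
                redirect_by.append(name)
            arrived_on = hop_net
    raise RuntimeError("routing loop")

if __name__ == "__main__":
    ext = "203.0.113.10"  # constructed external destination
    print("net1 via router:", trace(ROUTER_N1, NET1, ext, topology()))
    print("net1 via fw:    ", trace(FW, NET1, ext, topology()))
    print("reply, no route:", trace(FW, None, "192.168.2.50", topology(False)))
```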