Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Q regarding Fw between networks setup

To: "'fw-1 listserv'" <[email protected]>
Subject: [FW1] Q regarding Fw between networks setup
From: Mike Glassman - Admin <[email protected]>
Date: Tue, 2 Jan 2001 11:44:38 +0200
Cc: Mike Glassman - Admin <[email protected]>
Sender: [email protected]

All,

I need to setup a FW between my main network and another network, in order
to allow communication between users on my network and a server on the other
network, and to allow specified users on the other network access to the
internet via my network.

The other network is not connected to the outside world.

Schematics is as follows :

Other Network (Network-A)
|
FW
|
My Network (Network-B)
|
FW
|
Internet

I need :

To allow some users on Network-B to access a server on Network-A (Netware
server)

To allow some users on Network-A to access the internet via my Network-B and
my FireWall (connected to the internet).

Network-A is setup with network 172.28.X.X Class B.
Network-B is setup with network 172.18.X.X Class B.

My first question is :

Which side is the external leg of the FireWall on the FW between Network-A
and Network-B (Which side should I register the license on) ? 

I figured, that since the most important issue is allowing my users to
access the Netware server on Network-A, that the leg of the FireWall on my
Network-B should be the "real" registered leg. Thus I would set the Netware
servers default gateway to the FWleg on Netwok-A, and allow communication
between my users and it to return to my users. This would also allow users
on Network-A to access my network and thus to allow me to NAT their
172.28.X.X addresses to a semi-legal Network-B address (part of the FW's
"outside" leg pool), which I could then NAT again on my FW and allow them
access to the internet.

Second Q is :

What would the best way be to allow my users access to this Netware server,
if they also access Netware servers on their own network (Network-B), and,
Network-A's IP pool is different from Network-B's IP pool, and the Netware
servers are set up on seperate trees (for security reasons) ?

All and any thoughts on this would be gratefully accepted (especially re
Q1).

Thanks ahead,



Mike Glassman
System & Security Admin
Israeli Airports Authority
Ben-Gurion Airport
http://www.ben-gurion-airport.co.il

Tel : 972-3-9710785
Fax : 972-3-9710939
Email : [email protected]

Usage of this email address or any email address at iaa.gov.il for the
purpose of sales pitches, SPAM or any other such unwanted garbage, is
illegal, and any person, whether corporate or alone doing so, will be
prosecuted to the fullest possible extent.






================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] Redundancy & HA
Next by Date: Re: [FW1] Anti-spoofing rules lost
Previous by thread: RE: [FW1] Redundancy & HA
Next by thread: Re: [FW1] Anti-spoofing rules lost
Index(es):
- Date
- Thread