NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] DHCP requests and FW-1



Yes, a DHCP relay is one way to go.  Generally I would recommend that you
use a router between the users and the firewall for various reasons (on both
networks) unless there are compelling reasons not to.  It sounds like you do
not have the routers and/or that your firewall is your router.  If you have
the router or some other device which can act as the relay agent, then make
it the relay agent.  The only caveat to using another device is that you
would be either redirecting the "proxied request" out the same interface
that the original user request was made (if that is possible with the agent
in question) or you would bypass your firewall.

If you do not have the router, the money, or the time, then in a pinch, you
can use your firewall.

Bill
----- Original Message -----
From: "Elisabeth Lidie" <[email protected]>
To: <[email protected]>
Sent: Tuesday, August 06, 2002 2:31 PM
Subject: [FW-1] DHCP requests and FW-1


> Current info:    4.1 SP2 running on Sun Ultra 10, Solaris 2.6.
>
> My LAN folks are setting up a remote office which has a fiber link to the
> local building.  There is a switch at each site.  There is a firewall
> between the two network segments, located here at the local site.  (The
> local switch is plugged into one of the ports on a quad card.)
>
> There is a DHCP server at the local site, and it needs to serve the PC's
at
> the remote site.  I can see bootp traffic being broadcast, but I don't see
> any return traffic from the local server.   The rulebase allows for all
> traffic in both directions through this particular firewall for these two
> network segments.   Based on my research thus far, I believe there needs
to
> be a DHCP relay somewhere in this structure.
>
> I've found how to configure the firewall at the OS level to relay DHCP
> requests, although I haven't tried it yet.  (I wanted to check with this
> list first.)   Is that how I should proceed, or is there a 'better' way to
> accomplish this?
>
> Thanks for your help and/or opinions.
>
> Elisabeth
>
>
>
> NOTE: This electronic message and attachment(s), if any, contains
information which is intended solely for the designated recipient(s).
Unauthorized disclosure, copying, distribution, or other use of the contents
of this message or attachment(s), in whole or in part, is prohibited without
the express authorization of the author of this message.
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.