Very Computer

However, I have a problem:  the Netgear does not allow me to enter a route on
the ethernet interface that points to another gateway -- it assumes that it is
the gateway into the network, and there's no other intermediary.  Thus,
there's no direct way to tell it to forward all packets to the new firewall
machine.

The Netgear does support RIP-2 on both interfaces, though, and I wonder if
that might provide a solution.  I've never run RIP, so I'm a bit ignorant.

If I ran RIP on the new Linux firewall, would that be able to tell the Netgear
router to forward all packets to the firewall machine?  If so, what sort of
RIP configuration would I need to set up?

If RIP isn't the answer, can anyone suggest another way to make this work?

Thanks!

John Ackermann

I think you want a system like this layout.

                            eth0                eth1
 <Internet>---<ISDN router>-----<Linux Machine>-----<Hub/Switch>----<Machine1>
                                  (Firewall)                    I              
                                                                I-<Machine2>    

The ISDN router should just forward any data sent to it to the machine its
connected.

The Linux machine needs two network cards setup with private IP's say 192.168.1.1
for eth0 and 192.168.1.2 for eth1.  The internal machine should all be given a
private ip say machine1 could be given 192.168.1.5 and machine2 given 192.168.1.6.

You need to set the default gateway on the Linux machine to the IP of the router.
This mean that any traffic sent here that is not for a local network machine will
be forwarded to the ISDN router which will dial out and connect and send data out
onto the Internet to it's destination.

Now setup IP masquerading on the Linux for the internal host. On the other machines
setup the DNS entries and the default gateway to the IP address of the Linux
machine (eth1).

PS

If you provider gives you one IP for the router and one for you actual machine. Use
the number given for you machine for network adapter eth0.

This is a simple explanation of the steps needed. If you need help on setting up IP
masquerading or any other area do ask?

--
Robert Wallace

Quote:

>I think you want a system like this layout.

>                            eth0                eth1
> <Internet>---<ISDN router>-----<Linux Machine>-----<Hub/Switch>----<Machine1>
>                                  (Firewall)                    I              

>                                                                I-<Machine2>  

>The ISDN router should just forward any data sent to it to the machine its
>connected.

My problem is convincing the router to use the firewall machine as a gateway
for the 32 host subnet.  Since the router supports RIP-2, I'm wondering if I
can use that capability to have the firewall box advertise itself as the
gateway, and have the router pick up the proper route that way.  The problem
is that I've never used RIP, so I don't know if this is doable, or if it is,
how to configure it.

John

Quote:

>The Linux machine needs two network cards setup with private IP's say
> 192.168.1.1
>for eth0 and 192.168.1.2 for eth1.  The internal machine should all be given a
>private ip say machine1 could be given 192.168.1.5 and machine2 given
> 192.168.1.6.

>You need to set the default gateway on the Linux machine to the IP of the
> router.
>This mean that any traffic sent here that is not for a local network machine
> will
>be forwarded to the ISDN router which will dial out and connect and send data
> out
>onto the Internet to it's destination.

>Now setup IP masquerading on the Linux for the internal host. On the other
> machines
>setup the DNS entries and the default gateway to the IP address of the Linux
>machine (eth1).

>PS

>If you provider gives you one IP for the router and one for you actual machine.
> Use
>the number given for you machine for network adapter eth0.

>This is a simple explanation of the steps needed. If you need help on setting
> up IP
>masquerading or any other area do ask?