Networking with FreeBSD
nikolas.britton at gmail.com
Tue Aug 2 23:26:16 GMT 2005
On 8/2/05, Stephan Weaver <stephanweaver at hotmail.com> wrote:
> >From: Chuck Swiger <cswiger at mac.com>
> >To: Stephan Weaver <stephanweaver at hotmail.com>
> >CC: freebsd-questions at freebsd.org
> >Subject: Re: Networking with FreeBSD
> >Date: Tue, 02 Aug 2005 14:26:07 -0400
> >Stephan Weaver wrote:
> >[ ... ]
> >>Thank You So Very Much for your quick response.
> >You're welcome.
> >>I am familar with firewalling, but i never done something like this.
> >>Mabee you can give me an actual Example from my reference.
> >>Using my networks ect.
> >Sure, if I had lots of free time and nothing else to do, I could probably
> >write up a security policy, firewall rules, along with pretty network
> >topology diagrams and so forth. But I was up 'til 2AM doing pretty much
> >just that for a client yesterday (*), and I'd rather not spend that much
> >effort again today without a good cause, or at least more beer. :-)
> >There is an expectation on the freebsd lists that you spend your own time
> >to learn about the tasks you want to accomplish before asking other people
> >to repeat what the documentation says for your own specific use case.
> >("Read the docs. Try stuff out. Ask questions which show what you've done
> >and what the specific error message or problem you have is.")
> >>What i want to do is seperate the network's on the same wire.
> >Hmm. Why do you want to put separate subnets on the same wire?
> >(What does that mean to you, anyway? Using the same external ISP
> >connection? All boxes all on the same ethernet hub? Something else?
> >Consider IPsec. :-)
> >(*): Client is in Denmark. They wanted stuff "urgently" by this morning
> >their time, after getting me something to respond to yesterday at 4PM my
> >time. Bleh, this "global outsourcing" thing really is overrated....
> What i want to do in a nutshell,
> Connect all stores together via fibre, and protect my HeadOffice Lan, which
> will now be connected to all the stores. And Have some sort of security.
What fibre? how far are the stores? fibre networking gear? you have
fibre going all the way to your stores from HQ?
Also, why do you have pixel, httpd, and samba servers on different LANs?
| |--------WANs 1-4, 192.168.2/24, 192.168.3/24, 192.168.4/24, 192.168.5/24
Firewall ------ DMZ 192.168.1/24 ----- Pixel, httpd, samba
HQ LAN 192.168.0/24
| |-----WAN, 192.168.2/24
Firewall ------- DMZ, 192.168.1/24 ----- Pixel, httpd
HQ LAN 192.168.0/24
We need more info to help you.
More information about the freebsd-questions