10-09-2003 06:17 AM - edited 03-02-2019 10:53 AM
This should be a relatively easy question:
We currently have a single 150 user Class C network-192.168.1.x that is quickly being used up.
In response to increased growth, we have decided to add additional networks and implement routing.
However, our firewall going out to the Internet is configured with ip address 192.168.1.1.
Question is:
Since we will need to use 192.168.1.1 address for our router interface, where does that leave the firewall?
Would it be a good idea to place the firewall on it's own network?
Let me know if you need more details.
10-09-2003 07:11 AM
You could place the router in between the hosts and the firewall, and reassign the subnets on the firewall = router side.
Internet
|
|
Firewall
|192.168.2.1
|
|192.168.2.2
Router
|192.168.1.1
|192.168.3.1 (secondary)
|
|
Internal network (192.168.1.0, 192.168.3.0)
Note that this config. needs a router with 2 ethernet interfaces.
Note that 192.168.3.0 was added as secondary, so that you can expand the number of hosts.
10-09-2003 02:23 PM
You can put the firewall in front of the DMZ. Meaning that any traffic coming in will first have to go through a firewall and any traffic going out will have to go through a firewall also before it goes out to the internet.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: