--===============0349441729==
Content-Type: multipart/alternative;
boundary="----=_Part_18209_33372773.1193966664836"

------=_Part_18209_33372773.1193966664836
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hi,

I'm hoping someone can provide a sanity check on the following configuration
- i.e.: will it work?

I've got a /29 public network, addresses (say) .2 to .6, with default
gateway of .1. Can I place a Checkpoint firewall on .2 and have it use the
remaining addresses for NAT'd services on the other side of the firewall?

I ask as I'm certain I've done this in the past, but I'm a few years out of
doing firewall work and my current technical contact reckons this won't work
- that the default gate will ARP for the address and the .2 firewall won't
respond; and that furthermore the only way to use the addresses would be to
put a different subnet between the default gateway and the firewall and
route the /29 network to the firewall (which I agree will work, but...)

Also, would it work if the firewall was a PIX?

TIA

--
_______________________________
David Steele



------=_Part_18209_33372773.1193966664836
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hi,

I'm hoping someone can provide a sanity check on the following configuration - i.e.: will it work?

I've got a /29 public network, addresses (say) .2 to .6, with default gateway of .1.  Can I place a Checkpoint firewall on .2 and have it use the remaining addresses for NAT'd services on the other side of the firewall?


I ask as I'm certain I've done this in the past, but I'm a few years out of doing firewall work and my current technical contact reckons this won't work - that the default gate will ARP for the address and the .2 firewall won't respond; and that furthermore the only way to use the addresses would be to put a different subnet between the default gateway and the firewall and route the /29 network to the firewall (which I agree will work, but...)


Also, would it work if the firewall was a PIX?

TIA

--
_______________________________
David Steele

<insert sig line witticism here>

------=_Part_18209_33372773.1193966664836--

--===============0349441729==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailma...rewall-wizards

--===============0349441729==--