ADSL and private network behind FireBrick



 
[Diagram: ADSL non-NAT installation. Internal machines on private addresses; port mapped incoming SMTP email. Labels: Internet, Router, FireBrick, LAN PCs.]

In this configuration there is a routed non-NAT internet feed (e.g. ADSL). The PCs are to be on private addresses. In this example we will assume that the ADSL router has address 123.4.5.1 and the subnet is a block of 16 (/28 or 255.255.255.240).

The FireBrick provides a NAT configuration to private addresses :-

  1. Allocate a private network address for the internal machines, e.g. 10.0.0.0/24
  2. Allocate the FireBrick a private address, e.g. 10.0.0.1, creating a LAN subnet for the FireBrick with this address and subnet 24 (255.255.255.0), and set NAT on it
  3. Optionally, include DHCP allocation range on the private addresses to allocate addresses to machines on the LAN
  4. Allocate the FireBrick one of the public addresses, e.g. 123.4.5.2 and create the WAN subnet with this address, subnet 28 (255.255.255.240)
  5. Set the gateway on the FireBrick to the router on the WAN (i.e. 123.4.5.1)
  6. PCs are set with the FireBrick as their gateway (i.e. 10.0.0.1) and subnet 24 (255.255.255.0)
  7. You may want to set the FireBrick with an ISP allocated DNS server address, and set the PCs to use the FireBrick for DNS (needed for DHCP use)
  8. Adjust filters as required

This example equally applies to :-
  1. Any installation with a router and a single subnet
  2. e.g. BT net start lines
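
A consistency check for the addressing plan in steps 1 to 7 above, written as an added Python example (it is not FireBrick configuration and not part of the original page). The function names and the DHCP range 10.0.0.100 to 10.0.0.200 are assumptions made for illustration; the other addresses are the ones used in the steps.

```python
import ipaddress

def check_plan(wan_if, wan_gw, lan_if, pc_gw, dhcp_range=None):
    """Return a list of problems in the addressing plan (empty list = consistent)."""
    problems = []
    wan = ipaddress.ip_interface(wan_if)   # FireBrick WAN address/prefix (step 4)
    lan = ipaddress.ip_interface(lan_if)   # FireBrick LAN address/prefix (step 2)
    gw = ipaddress.ip_address(wan_gw)      # router on the WAN (step 5)

    # Steps 4-5: the gateway must sit in the same public subnet as the FireBrick.
    if gw not in wan.network:
        problems.append(f"gateway {gw} is outside WAN subnet {wan.network}")
    if gw == wan.ip:
        problems.append(f"FireBrick WAN address {wan.ip} duplicates the router")
    for name, addr, net in (("WAN", wan.ip, wan.network), ("LAN", lan.ip, lan.network)):
        if addr in (net.network_address, net.broadcast_address):
            problems.append(f"{name} address {addr} is not a usable host in {net}")

    # Steps 1-2: the LAN must be private space and must not overlap the public block.
    if not lan.network.is_private:
        problems.append(f"LAN subnet {lan.network} is not private address space")
    if lan.network.overlaps(wan.network):
        problems.append("LAN and WAN subnets overlap")

    # Step 6: PCs must use the FireBrick's LAN address as their gateway.
    if ipaddress.ip_address(pc_gw) != lan.ip:
        problems.append(f"PC gateway {pc_gw} is not the FireBrick LAN address {lan.ip}")

    # Step 3: an optional DHCP pool must fit in the LAN and avoid the FireBrick.
    if dhcp_range:
        first, last = (ipaddress.ip_address(a) for a in dhcp_range)
        if first > last or first not in lan.network or last not in lan.network:
            problems.append(f"DHCP range {first}-{last} does not fit in {lan.network}")
        elif first <= lan.ip <= last:
            problems.append(f"DHCP range {first}-{last} includes the FireBrick ({lan.ip})")
    return problems

def spare_public(wan_if, wan_gw):
    """Public host addresses left in the block after the router and the FireBrick."""
    wan = ipaddress.ip_interface(wan_if)
    used = {wan.ip, ipaddress.ip_address(wan_gw)}
    return [h for h in wan.network.hosts() if h not in used]

if __name__ == "__main__":
    # Addresses from the steps above; the DHCP range is a constructed sample.
    print(check_plan("123.4.5.2/28", "123.4.5.1", "10.0.0.1/24", "10.0.0.1",
                     ("10.0.0.100", "10.0.0.200")))
    print(len(spare_public("123.4.5.2/28", "123.4.5.1")), "public addresses unused")
```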