[CentOS] [OT] Corporate Firewall -- NAT/PAT != bridging/routing with inspection
Bryan J. Smith
thebs413 at earthlink.net
Fri Nov 11 00:03:15 UTC 2005
Adam Gibson <agibson at ptm.com> wrote:
> M0n0wall is a freebsd based system but it does support a
> public IP DMZ/Service interface. You have to enable
> advanced NATing.
Layer-3/4 Source and Destination NAT/PAT (network/port
address translation) is _not_ the same as layer-2 bridging or
layer-3 routing between networks and inspecting the packets
then. I think he's looking for layer-2 bridging or layer-3
routing, not SNAT/DNAT.
IPCop does SNAT/DNAT, and can translate multiple public IPs
into private ones -- LAN, 2nd LAN (e.g., WLAN), DMZ, etc...
as well. 1:1 (NAT-only), 1:Many, Many:1. Not the same as
inspecting frames/packets as they pass through a true layer-2
bridge, or a layer-3 router.
> Remote updating of the firmware/software is a big plus too.
As with IPCop.
--
Bryan J. Smith | Sent from Yahoo Mail
mailto:b.j.smith at ieee.org | (please excuse any
http://thebs413.blogspot.com/ | missing headers)
More information about the CentOS
mailing list