Re: 2nd DHCP Scope?

From: "Ace Fekay [MVP]" <PleaseSubstituteMyActualFirstName&LastNameHere@xxxxxxxxxxx>
Date: Tue, 27 Dec 2005 08:08:23 -0500

In news:%23MHDCuqCGHA.412@xxxxxxxxxxxxxxxxxxxx,
Stranger <strangerx@xxxxxxxx> stated, which I commented on below:
> I see what you are saying. I removed the static route in the
> firewall and then tried the tracert. It goes to the router
> (172.20.4.1) then to the firewall (172.20.4.2) this part looks ok,
> then it goes out to the internet. So, I think I need to somehow tell
> the firewall that the 172.20.9.x is an internal range. Not sure how
> to do that one if that is what it is. It was easy to do this with
> the other IP ranges since they were coming from other buildings.

The firewall appears to be a bridge, and not a router in your scenario
beacuse it has a 4 interface as well as the "gateway". Is that intentional??
I'm totally confused. Your drawing is confusing.

If the firewall is just bridged, then nothing needs to be done, however, if
it were not bridged, and it has a different IP, then the static rules apply
to it just as if it were a regular old non-firewall router. Follow my
example, in this case the firewall would be like Router A, where as the
"router" is Router B.

Internal net --- Router --- Firewall -- Internet

Internal net is 172.20.9.0, where these machines are sitting on 172.20.4.0.
"Router" above would need nothing sine I am assuming the one of it's
interfaces is on the 172.20.9.0 side, and the other interface would be on
the 172.20.4.0 side, but the firewall is.

Ace

.

Follow-Ups:
- Re: 2nd DHCP Scope?
  - From: Stranger

References:
- 2nd DHCP Scope?
  - From: Stranger
- Re: 2nd DHCP Scope?
  - From: Oliver O'Boyle
- Re: 2nd DHCP Scope?
  - From: Jack H
- Re: 2nd DHCP Scope?
  - From: Oliver O'Boyle
- Re: 2nd DHCP Scope?
  - From: Jack H
- Re: 2nd DHCP Scope?
  - From: Oliver O'Boyle
- Re: 2nd DHCP Scope?
  - From: Jack H
- Re: 2nd DHCP Scope?
  - From: Oliver O'Boyle
- Re: 2nd DHCP Scope?
  - From: Stranger
- Re: 2nd DHCP Scope?
  - From: Ace Fekay [MVP]
- Re: 2nd DHCP Scope?
  - From: Jack H
- Re: 2nd DHCP Scope?
  - From: Stranger
- Re: 2nd DHCP Scope?
  - From: Ace Fekay [MVP]
- Re: 2nd DHCP Scope?
  - From: Stranger
- Re: 2nd DHCP Scope?
  - From: Ace Fekay [MVP]
- Re: 2nd DHCP Scope?
  - From: Stranger

Prev by Date: Re: Introducing XP Prof. in Windows 2000 domain with currently NT clients only
Next by Date: XP Workstations & VLANs
Previous by thread: Re: 2nd DHCP Scope?
Next by thread: Re: 2nd DHCP Scope?
Index(es):
- Date
- Thread

Relevant Pages

Re: Using two internet connections with one firewall
... :> and so I won't be able to add the satellite link to the Firewall. ... You need a separate firewall for each internet connection. ... sides of the firewalls to a hub/switch and then into another router. ... connections or a router with an interface to the firewall, ...
(comp.security.firewalls)
Re: static routing
... I wasn't talking about the remote branch router. ... connecting to a demand-dial interface, ... server can route to the corporate LAN but machines behind it cannot. ... A static route has been added that matches the subnet of the ...
(microsoft.public.windows.server.networking)
Re: IP Addressing
... firewall and router). ... On the firewall create a static NAT entry as I wrote ... !we 're doing NAT to publish my Exchange server on the Internet ... external or any physical / logical interface. ...
(comp.dcom.sys.cisco)
Re: static routing
... You can't do it manually because the interface doesn't exist until the ... static route for the subnet of the remote site and select the demand dial ... When you make a connction to the server you use the name of the ... The packet goes to the default router ...
(microsoft.public.windows.server.networking)
Re: Just venting (totally OT)
... the ame router to get access to the net! ... I'm paranoid about opening up my firewall "just in case..." ... not visiting dodgy Websites. ... The protection that it does supply is also provided by ...
(uk.people.support.depression)