Hi everyone,
it it possible to use all the "security stuff" that comes with asg (packet filter, email filter, content filer, etc...) between "bridged" interfaces? or does this just create a "nonvisible" connection between two parts of a network?
for example:
host1 (192.168.0.10/24) -- astaro(bridge: 192.168.0.1/24) -- host2 (192.168.0.20)
can host1 reach host2 without setting packet filters? (that's actually not what I want. I want it to block stuff...)
If not: is there a way around that?
what i'm trying to do is get my second internet line to work, that is bound to a class c - range of official IPs. I want my DMZ-Servers to be protected but at the same time they are provided with official IPs and need to be reached from outside.
We're in the process of switching internet lines which makes things difficult as i cannot change the default gateway, but that shouldn't matter for outside requests should it?
All my trying endet up not reaching the hosts from outside, even with set packet filter rules.
I also tried two seperate interfaces (x.x.x.1/24) (x.x.x.2/24) but that gave me some routing problems... so I tried it with (x.x.x.1/30) (x.x.x.254/24). no luck either.
I know this a rather complex setting. maybe some of you geeks understand my problem.
I'll answer questions as best I can if you have any.
This thread was automatically locked due to age.