problems with nat

[Ben Russo]

Since you are working on this anyway....

For a slightly more secure setup, you might want to consider:


               R              E          I           
               T+--------+    X+--------+N          
 internet |---|R| router |---|T|firewall|T|---| intranet
               I+--------+    I+--------+I        
               P              P     |     P
				    |
				    DMZ IP
					\
					| HTTP, MAIL, SSH

This will protect your servers from other intranet users 
on the same subnet. (Also if you have 802.11 on your intranet...)

Maybe after doing this your problem will disappear simply by 
rethinking the ruleset.

-Ben.


On Wed, 2002-11-13 at 13:13, Rahul Jadhav wrote:
> please check the attachment...
> 
> Thanks
> Rahul
>