Kevin Brown wrote: >> I finally took the plunge and have DSL from Qwest. I do have some >> questions about the best way to set everything up. So I turn to the >> most knowledgeable people in Phoenix - PLUG. >> >> Here is my setup: >> >> Windows XP box @ 192.168.100 >> Linux Mandrake 10 box @ 192.168.20 >> Linux Mandrake SNF firewall box @ 192.168.1.150 >> >> Skylink Net 1008 fast ethernet switch with UpLink and 1X - 8X ethernet >> connections >> >> My question is do I need to install a second NIC in the firewall box so >> that one NIC is connected to the ActionTec DSL modem and the second is >> connected to the switch? > > > The modem is also a Firewall/Router unless you have done something to > alter its configuration. So: > > DSL -> Actiontec -> Switch -> Rest of systems > >> I imagine I will have more questions once that one is answered. > > That's the simplest setup. Doesn't make much (any) use of your firewall box though. For a firewall to be effective, it needs to sit between the LAN and the WAN (AFAIK), and thus needs 2 ethernet connections - one to the outside world and one to the inside. The Actiontec is adequate as a firewall for general use. If you want to get your hands dirty or need more control though, you can set it up as: DSL -> Actiontec -> Firewall -> Switch -> Rest of system If you leave well enough alone, the Actiontec will nat to the firewall, which in turn will nat to the lan. You'll want to set up your firewall such that each interface is on a separate subnet, and the LAN interface on the firewall needs to be static. A second layer of security isn't necessarily a bad thing. If you want to bypass the Actiontec's firewall and have the public IP address on the WAN interface of your firewall, that can be done as long as your firewall can handle PPPoE connections. In this case, you configure the Actiontec to be in bridging mode (turns it into a 'dumb' DSL modem), and configure your firewall to handle the PPPoE connection. I did this recently with IPCop and it works like a charm. I found out how to do this in the documenation on the IPCop web site (http://www.ipcop.org). There are instructions there in reference to the Actiontec DSL modem. -- -Eric 'shubes' **************************************************** This message has been scanned using Contraxx Technology Group mail server v8.0.3 and is virus free. Message sent from Mail Server 3 **************************************************** --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change you mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss