View Single Post
Old 23rd December 2008
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default

Code:
   INTERNET
       |
       |
     modem
       |
       |
-------|------------
    external

                 D
                 M
     FBSD        Z--------------- Server   
    router       n
                 i
                 c
          
    internal
-------|------------
       |
       |
       |
    switch 
  internal Lan
Since you seem not to have any issue with getting DHCP leases for the real nfe0 as well as the virtual ngeth0, you could try the topology from this diagram.
The DMZ nic gets the second IP address through DHCP.

The server nic can have a private 10.x.x.x address directly connected to the DMZ nic. This is possible, you only need to specify the -interface modifier when you add the default route on the server.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote