[rescue] Putting an insecure machine on a network

laz at moaa.net laz at moaa.net
Tue Mar 21 19:44:06 CST 2006


routing.
not sure this will work as you are trying.  first thought to my mind is use 192.168.0.253 for the insecure PC, and set ip filter to match.. this will allow the NAT on the router to let the PC out, and having the net mask standard, the PC will not try to put local addresses by it's default router.. 
not pretty, but think it would work.
Might have to set a static route for 192.168.0.253 via 192.168.0.20 in the NAT router.

Matt

> 
> Mike F said ...
> >
> > That should do what you want to do. Let me know how it goes 
> > (or if it doesn't :)
> 
> After an appaling amount of fooling around, I've got this:
> 
> Insecure laptop on 10.10.10.2, connected to
> Sun's hme0 on 10.10.10.1, in the same box as
> Sun's le0 on 192.168.0.20, which is on a LAN with
> Gateway to 'net on 192.168.0.1.
> 
> [Now hear de word o de lawd!]
> 
> The laptop can ping 10.10.10.1 and 192.168.0.20 ("far side" of Sun box), but
> not anything else on 192.168.0.0/24.  Laptop cannot ping 192.168.0.1.  No
> ipfilter rules are in place, the ipf.conf file is all comments.
> 
> I'm obviously missing something, but what?
> 
> -Shel
> _______________________________________________
> rescue list - http://www.sunhelp.org/mailman/listinfo/rescue
> 



More information about the rescue mailing list