> IIRC, you won't be able to do bridging unless your ISP sets you up that
> way.  Being it's a 675, that may not be possible unless it's a different
> configuration on the router.  Never played with a 675 myself.

The 675 can do bridging mode. The problem is that an ISP usually will do 
either bridging or PPP and not both. You can't just change the mode or it 
will not work anymore:( You said you don't have the management cable, you'd 
need that to change the mode.

If you put a firewall behind a 675 doing bridging, the 675 is transparent to 
your network (like a hub). The outer NIC on the firewall will get the IP 
address assigned to you, whether static or DHCP. What you do with your 
internal NIC(s) and addresses is up to you.

My $0.02

Nick


>
> Shawn
>
> On Mon, 15 Jul 2002 23:41:04 -0500
>
> Nathan Davis <davisn at mailandnews.com> wrote:
> > Hi,
> >
> > We have a Cisco 675 DSL router connecting the local network to the
> > Internet.  I'd like to put a firewall between the LAN and the
> > Internet. We have a block of 8 address (6 after account for broadcast
> > and network address), and don't want to use any more than necessary.
> >
> > The Cisco is operating in ppp mode (bridging mode *might* work, but we
> > don't have a management cable to get it back out if it doesn't), so
> > that burns one address.  The firewall would require two more addesses,
> > which would leave only three for the rest of the network.  Obviously,
> > I'm looking for a way to free up some of these addresses.  NAT is not
> > an option for some machines.
> >
> > After thinking about this for awhile, I was wonding if I really need
> > to use two *real* ip addresses on the firewall machine.  Or even if
> > there's a way to set up a default route to an interface with no ip
> > address assigned.  Another option might be to have the cisco (and
> > possibly the firewall too) obtain an ip address via dhcp (I don't know
> > how the other end might take this, though), or assign the interface
> > connecting the firewall to the Cisco a "fake" address.
> >
> > Anyone have any suggestions -- what's worth trying, what won't work,
> > new ideas, etc.?
> >
> > --Nathan Davis
>
> _______________________________________________
> Twin Cities Linux Users Group Mailing List - Minneapolis/St. Paul,
> Minnesota http://www.mn-linux.org
> tclug-list at mn-linux.org
> https://mailman.mn-linux.org/mailman/listinfo/tclug-list

-- 
Nick Davis 
Associate Systems Administrator 
ndavis at iexposure.com 
Internet Exposure, Inc. 
http://www.iexposure.com  

(612)676-1946 
Web Development-Web Marketing-ISP Services