@freyja
I said from the beginning that I wanted to replicate the configuration I had with my pix as the netgate act a replacement.
That isn't an explanation for the reasoning behind the method. I understood you wanted to make it the same as what you had before. That's not hard to understand. The question was 'why do you want it that way?' What problem does this solve? That's all.
All my configuration is based on that and despite the fact you disagree, I want to mask my internal network for things such honeypot for example.
I don't necessarily disagree when I don't know all the details. That's why I was asking. You said earlier that you wanted to mask your network but I didn't understand the context nor did John. Usually a DMZ is completely isolated from LAN which is its entire point, and any required access is strictly controlled via rules. It's unusual to have a DMZ that needs to talk to LAN so much.
It's not because you do not understand the usefulness of what I want it's illegal.
I'll definitely admit that I don't see the usefulness of what you're doing.
And such a supposition is quite surprising.
I said what I wanted to do, you just don't listen.
No, you said things like 'mask my network' and 'several reasons' but you never actually gave any specifics. Two of us were confused so you weren't as clear as you think.
1- reproduce what I had before just not to have to reconfigure everything
2- mask my internal network because I don't want people to be aware of it.
Got it. I don't know how that would help you though. Yes, I understand that you are going to keep it this way and I have no problem with that. I'm just curious. How would people who interact with your DMZ be aware of what's on your LAN? Someone who cracks one of your DMZ servers will see what it's talking to and try to exploit that regardless of its DMZ vs LAN IP address.
But still you're pushing over and over because it sounds overcomplicated for you but at the very end it's my problem if it's overcomplicated, right?
It doesn't sound overcomplicated. It sounded like it didn't make any sense. I was asking for details because I thought I was missing something.
I've never seen such aggressive people about simple tech questions, really I don't understand what you are trying to do there.
Every single day here, new users decide to do something using an incorrect or sub-optimal method and then they ask specific questions in order to reach their bad end instead of asking for the best way to do something using pfSense. I thought that is what you were doing so I asked questions trying to determine what problem you needed to solve.
I've started eluding your queries because I had answered them and didn't want to go in an argument fight and having to justify my setup.
You make me feel I want to pack back my netgate and return it.
This has nothing to do with Netgate.
I've worked with Cisco, Nokia, McAfee, checkpoint firewall and never seen such agresisvity from a tech community.
I'm starting feeling your are acting like that because you've seen I'm a girl and think I don't know what I'm doing.
Don't make me think it's just a misogynistic behavior.
How would I know you're a woman, and why would that matter?? My entire knowledge of you is from this one thread.
That's said, I'm not doing anything illegal, i just wanted to reproduce my Pix configuration to simplify my life and don't have to reconfigure every service I'm using and that's all.
Understood. Thank you for making it clearer for me. I think this has been one big misunderstanding and I will not trouble you again.
