Sorry I cannot seem to get my news reader configured to reply to a
thread??

Well, perhaps if you laid out the IP addressing it would be more clear
as to
what is being done here. In any event, you want all of the internal
hosts
to
be forced to go through the BMgr server's private interface to get to
the
Internet. They should not have a physical link to do otherwise.


I was given 3 addresses for the border manager. It will be setup with142.25.30.160 with a subnet of 255.255.255.252 default gateway is
142.25.30.161
The Pix is configured with 142.25.30.162 and the router is configured
with
142.25.30.161. My other ip address are 205.233.104.0 thru to 255. I
believe
that my gateway for this range of IP's which point to the router is
205.233.104.1. Once I have setup the border manager this gateway will
be
removed from the router and the PIX will no longer forward traffic to
that
gateway. Instead traffic must arrive for this network via IP address
142.25.30.161 the gateway for Border Manager. I will be changing the
default
route on my Novell servers to point to this new gateway, and I will
change
my dhcp scope for all clients, and change the default gateway on my
windows
server. As mentioned at this point when I know all is working I can
start
implementing filters and proxy's. Have I missed anything??

Thanks

John Rice