[NCLUG] Firewall confusion
Chris Funk
chris at goldencoast.com
Thu Mar 13 10:22:23 MST 2003
Hi All,
Couple of questions for you all. The last couple days I have been setting
up a new linux firewall/router to replace our existing router which only
does some basic filtering. The more I read the more I get confused. My
confusion is about DMZ's. I have 3 machines currently which have public
ip's. One of the machines is an NT 4.0 box which needs to connect to the
local private net (for the db server) currently I have 2 nics in it. One
with the public IP and the other with a private.
Do the 3 machines going into the DMZ keep their public Ip's or should I
assign them privates on a different subnet than my local net. I have read
not to assign private ip's to DMZ machines and also that it is Ok.
2nd question. If I have to setup a rule that allows the DMZ webserver to
talk to the internal db server isn't that kinda defeating the purpose? Like
I said, i'm confused . :-)
Thanks
Chris
More information about the NCLUG
mailing list