Re: Internet Firewall with 3interfaces
From: stonefoz (jdoe_at_thelost.org)
Date: 11/19/05
- Next message: Vahis: "Re: Linux an Yahoo don't match any more"
- Previous message: Michael Perry: "Re: Linux an Yahoo don't match any more"
- In reply to: Mathon Florent: "Internet Firewall with 3interfaces"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 19 Nov 2005 05:33:26 GMT
Mathon Florent wrote:
> Hello,
>
> I am trying to build an internet firewall with SuSe10 and Yast
>
> there are 3 interfaces on the PC and the following settings
>
> - eth0 External (internet) 192.168.2.3
> - eth1 DMZ 192.168.4.1
> - eth2 Internal 192.168.3.1
>
> I could reach Internet from DMZ and from Internal
>
> But My problem is to reach DMZ from internal and internal from DMZ! how to
> do this ?
>
> Regards,
>
> Florent M
internet->router(block all internal)->dmz(nat, proxy, and
servers)->router(block all external)->internal
dmz can connect to the internet and internal network through routers that
block or pass your local subnet.
a firewall would go as a replacement for one or both of the routers
protecting the dmz or localnet. nowhere do you need 3 card split.
dmz is set up with just routers that only have to look at the ip
address(internal, external, dmz). the dmz machine should have just one
card. the idea is if the dmz has to be comprimised to access the internal
network. so... if you have to ask questions it proably won't add much.
- Next message: Vahis: "Re: Linux an Yahoo don't match any more"
- Previous message: Michael Perry: "Re: Linux an Yahoo don't match any more"
- In reply to: Mathon Florent: "Internet Firewall with 3interfaces"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
