[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-ipchains
Subject: RE: [ipchains] ipchains network design
From: Gordon Smith <Gordon () hortauto ! co ! nz>
Date: 1998-10-29 20:54:08
[Download RAW message or body]
With a setup like that having public IP addresses on your
internal network is unneccessary.
I would set up:
ROUTER ---------- Firewall --------- LAN
|
|
DMZ
where your router has a public IP address and static routes to
your web, ftp, etc. servers in the DMZ, and the firewall
does masquerading, filtering and accounting. The firewall -
router segment would be on a separate subnet from the rest of
the network.
BTW, I would also use access lists at the router.
Hope thats some help,
Gordon
==========================================================================
To unsubscribe send email to: majordomo@wantree.com.au with
'unsubscribe ipchains <email address>' in the message body.
(replace <email address> with your email address :)
==========================================================================
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic