-----Original Message----- From: Jack Zimmermann [mailto:workinman@hookmeup.nu] Sent: Monday, May 01, 2000 11:44 AM To: suse-linux-e Subject: [SLE] firewals 2 and DMZ
I have a problem with setting up a firewall. I have three ethernet cards in my firewall and have setup the internal LAN and the external WAN and everything works ok. But when I try to setup the DMZ I can not connect to anything on WAN from the firewall machine or the internal network. The firewall has a real ip number, for this example lets say 213.212.8.1 and I have set the webserver on the DMZ to 213.212.8.2. The internal LAN is set to a private ipnumber serie 192.168.1.1-254. Should the machines on the DMZ use real ip numbers? Any tip on how to set it up?
How many public IPs do you have? 2? There are two basic ways to do this. Get more public IPs so you can set up a proper subnet in your DMZ. Or redirect ports from your public IP to private addresses on your DMZ. Something like this would work for the first suggestion: eth0 213.212.9.2/24 gw 213.212.9.1 to WAN eth1 213.212.10.1/29 to DMZ webserver 213.212.10.2/29 gw 213.212.10.1 eth2 192.168.1.1/24 to LAN internal machines 192.168.1.2-254/24 gw 192.168.1.1 I could give you ideas for the 2nd suggestion on xBSD but I haven't done it on Linux. Greg Because e-mail can be altered electronically, the integrity of this communication cannot be guaranteed. -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/