Anders Johansson wrote:
On Sunday 19 April 2009 17:56:53 LLLActive@GMX.Net wrote:
I take it I can direct the requests to the DynDNS firewall port 80 to the webserver in the DMZ on port 81 with
Well, yes, but then you won't be able to access the web server running directly on the firewall
0/0,192.168.176.10,tcp,80,81
This can also be done with the webserver in the DMZ wanting the data (through its own gateway) over the internal network firewall (asking at port 1927) to be directed to the private IP 192.168.0.10 on port 1972?
Yes, but be careful with that. You don't want to punch holes into your internal network just any which way. It defeats the purpose of having a DMZ
Anders
Yes, I thought of that. Maybe using separate NIC's between the two machines in a separate private network all by themselves will do. If the webserver is compromised, the all is also comprimized. Just how does one get such a setup secure, without putting your data in the DMZ? Internet -- firewall 1 -- DMZ with Webserver -- firewall 2 -- Database server :-) Al -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org