Hi Good question. Firstly it's a file server too. Secondly, the bulk of the mail is internal, so to minimize traffic across the firewall / router. And lastly because it's the domain controller for the internal network (also DHCP). Ray Peer Stefan wrote:
just asking, but why is the mail-server located within the internal network?
-----Ursprüngliche Nachricht----- Von: Ray Leach [mailto:raymondl@knowledgefactory.co.za] Gesendet: Dienstag, 13. November 2001 14:34 An: security Betreff: [suse-security] Network setup (howto configure iptables) ...
Hi
Help please !
I'm trying to setup my network as follows:
+----------------+ | Internet | +-------+--------+ | +-------+--------+ | | DMZ +----------------+ | Firewall +-----+ 192.168.1.0/24 | | | +----------------+ +-------+--------+ | +-------+--------+ | 10.0.0.0/24 | <- Internal network +-------+--------+ | +-------+--------+ | LAN Users | +----------------+
Here's the situation:
In the DMZ there are web servers that need to be browsed from the internet for ftp, http, tomcat (21,80,8080) In the Internal Network there is a mail server with a private ip of 10.0.0.3 that needs to accept pop3 and smtp from the internet and send smtp to the internet. The internal network must be able to browse, ftp via a transparent proxy on the firewall. The internal network must be able to browse, ftp to the DMZ. The DMZ needs to send smtp to the mail server on the internal network.
Can someone tell me what rules I should define to set all this up. I have tried several things and I haven't ironed out all the crinkles yet. I haven't managed to get the mail part working.
Ray
-- ---------------------------------------------------------------------- Raymond Leach Cell:+27-82-416-1410 Tel:+27-11-444-5006 Fax:+27-11-444-5007 eMail:raymondl@knowledgefactory.co.za www:http://www.knowledgefactory.co.za "No matter where you go, there you are ..." ----------------------------------------------------------------------
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- ---------------------------------------------------------------------- Raymond Leach Cell:+27-82-416-1410 Tel:+27-11-444-5006 Fax:+27-11-444-5007 eMail:raymondl@knowledgefactory.co.za www:http://www.knowledgefactory.co.za "No matter where you go, there you are ..." ----------------------------------------------------------------------