Try seawall it allows DMZ (3rdNIC). Put www,smtp, whatever in the DMZ
Jason Costomiris <[EMAIL PROTECTED]>@redhat.com on 10/03/2000 07:58:13 PM
Please respond to [EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
cc:
Subject: Re: Network Design
On Tue, Oct 03, 2000 at 11:37:51PM +0200, Tobias Roppelt wrote:
: Internet
: |
: Router
: |
: eth0
: Firewall1
: eth1
: |
: ---------------hub---------
: | | |
: eth0 eth0 eth0
: Firewall2 {www} {ftp, mail, telnet}
: eth1
: |
: priv_net
:
: Looks quite okay to me.
Agreed, a classing two-firewall approach. Anything in particular that
would
keep him from using 3 NICs in his "Firewall1", thus obviating the need for
the second firewall? Most firewalls that I work with (Checkpoint, PIX,
etc)
don't care about the extra i/f's. Does IPchains not like that?
: Plugging Firewall2 directly to the hub to protect the private network
: should put you on the save site, too.
: Maybe you will substitute telnet service with ssh.
Agreed, dump telnet, use ssh.
--
Jason Costomiris <>< | Technologist, geek, human.
jcostom {at} jasons {dot} org | http://www.jasons.org/
Quidquid latine dictum sit, altum viditur.
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
