[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Q regarding Fw between networks setup
All, I need to setup a FW between my main network and another network, in order to allow communication between users on my network and a server on the other network, and to allow specified users on the other network access to the internet via my network. The other network is not connected to the outside world. Schematics is as follows : Other Network (Network-A) | FW | My Network (Network-B) | FW | Internet I need : To allow some users on Network-B to access a server on Network-A (Netware server) To allow some users on Network-A to access the internet via my Network-B and my FireWall (connected to the internet). Network-A is setup with network 172.28.X.X Class B. Network-B is setup with network 172.18.X.X Class B. My first question is : Which side is the external leg of the FireWall on the FW between Network-A and Network-B (Which side should I register the license on) ? I figured, that since the most important issue is allowing my users to access the Netware server on Network-A, that the leg of the FireWall on my Network-B should be the "real" registered leg. Thus I would set the Netware servers default gateway to the FWleg on Netwok-A, and allow communication between my users and it to return to my users. This would also allow users on Network-A to access my network and thus to allow me to NAT their 172.28.X.X addresses to a semi-legal Network-B address (part of the FW's "outside" leg pool), which I could then NAT again on my FW and allow them access to the internet. Second Q is : What would the best way be to allow my users access to this Netware server, if they also access Netware servers on their own network (Network-B), and, Network-A's IP pool is different from Network-B's IP pool, and the Netware servers are set up on seperate trees (for security reasons) ? All and any thoughts on this would be gratefully accepted (especially re Q1). Thanks ahead, Mike Glassman System & Security Admin Israeli Airports Authority Ben-Gurion Airport http://www.ben-gurion-airport.co.il Tel : 972-3-9710785 Fax : 972-3-9710939 Email : [email protected] Usage of this email address or any email address at iaa.gov.il for the purpose of sales pitches, SPAM or any other such unwanted garbage, is illegal, and any person, whether corporate or alone doing so, will be prosecuted to the fullest possible extent. ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|