NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Two T1s



Title: Message
Since you're doing address translation, you will more than likely need a manual address translation rule that states not to translate traffic from the LAN to the DMZ and vice versa.
 
-Jeff
-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Jeff Reinhardt
Sent: Monday, March 26, 2001 3:52 PM
To: [email protected]
Subject: [FW1] Two T1s

We are getting a second T1 in here this week.   I currently have a machine with
3 network cards,   one configured for the current T1, one for the DMZ and one
for the internal LAN.  My question is,  if I add another network card and configure
it for the new T1 address,  what will I need to do to allow traffic from that T1 and
that Class C of IPs to hit the DMZ web servers?
 
Also,  I currently have this setup:
 
DMZ -  IP Range  192.168.10.0 - 255   Subnet 255.255.255.0
 
Internal LAN - IP Range  192.168.1.0 - 255  Subnet  255.255.255.0
 
And a Rule in the firewall that states:
 
Source - Internal Lan   /  Destination - DMZ  /  Service - Any  /  Accept
 
This was working allowing us access to the DMZ from the internal lan but
the DMZ could not connect to the internal lan which is of course what we
wanted.  On Friday I was changing a few things around in preparation of
the new T1 and I did something to cause this to stop working.  The rule is
still there and in effect.  I think it is the security settings of the interfaces
in the Firewall object.  What should the Internal, DMZ and External settings
be?
 
Thanks!
 
Jeff
 


 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.