- Join Date
- Apr 2009
Rhel5.0 firewall server for my network
Please see my network architecture:
firewall server |
ext network |
int network |
|---->web server 192.168.1.2
firewall server--->|---->mail server 192.168.1.3 (optional)
|--->Clients for access internet(192.168.1.X)
Here are my requirements:
1. Web and mail server should be published
2. Clients can access the internet
3. All ports should be closed when pinging the firewall server from the outside network.
4. All ports should be closed when pinging the firewall server from inside the network (internet access clients), except for a particular IP that I mention.
Now, what should I do? Please, can anybody help me step by step?
- Join Date
- Sep 2008
Personally, I think it is overkill to use the latest hardware as a firewall as well as something else. Rather get an old Pentium-class PC with minimum spec and use a dedicated firewall like Smoothwall or one of its derivatives. All the firewall and forwarding rules are readily configurable.
If the firewall PC is hacked, that's all you lose. The rest of your network is safe.
To answer your question, use 2 or 3 network cards (depending on internet connection - if it's a USB modem, only 2) and assign them to the incoming address (i.e. DHCP or fixed from the ISP), an internal zone and a DMZ zone for external access for mail and web services.
Allow routing between internal and ISP, and between ISP and DMZ. (You will need to set the forwarding rules.)
What services or parts of the internal network you allow access from outside depends on your needs, but external users would collect/access services on the DMZ network address. The internal address allows internal users free access, since they shouldn't be a threat.
For more detailed ideas/setup look at smoothwall.org documentation.
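Added example (not part of either post above, and not Smoothwall's own configuration): the three-zone layout from the reply written as an iptables ruleset for the RHEL box, with default-drop policies, published web and mail ports, and client internet access. The interface names, the 192.168.2.x DMZ addresses and the admin host 192.168.1.10 are assumptions; 192.168.1.0/24 is the client range from the question.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for ISP / internal / DMZ zones.
# Assumed values (not from the thread): interface names, DMZ addresses, admin host.
WAN_IF=${WAN_IF:-eth0}; LAN_IF=${LAN_IF:-eth1}; DMZ_IF=${DMZ_IF:-eth2}
LAN_NET=${LAN_NET:-192.168.1.0/24}   # client range from the question
WEB_IP=${WEB_IP:-192.168.2.2}        # constructed DMZ address for the web server
MAIL_IP=${MAIL_IP:-192.168.2.3}      # constructed DMZ address for the mail server
ADMIN_IP=${ADMIN_IP:-192.168.1.10}   # constructed: the one client allowed to reach the firewall

gen_rules() {
cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Publish web and mail: traffic hitting the ISP side is redirected into the DMZ.
-A PREROUTING -i $WAN_IF -p tcp --dport 80 -j DNAT --to-destination $WEB_IP:80
-A PREROUTING -i $WAN_IF -p tcp --dport 25 -j DNAT --to-destination $MAIL_IP:25
# Clients and DMZ hosts leave through the ISP address.
-A POSTROUTING -o $WAN_IF -j MASQUERADE
COMMIT
*filter
# Default drop: the firewall itself answers nothing, from outside or inside.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Only the named internal host may open SSH to the firewall.
-A INPUT -i $LAN_IF -s $ADMIN_IP -p tcp --dport 22 -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# Internal clients may reach the internet and the DMZ servers.
-A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT
-A FORWARD -i $LAN_IF -o $DMZ_IF -s $LAN_NET -j ACCEPT
# Outside may reach only the published ports in the DMZ.
-A FORWARD -i $WAN_IF -o $DMZ_IF -d $WEB_IP -p tcp --dport 80 -j ACCEPT
-A FORWARD -i $WAN_IF -o $DMZ_IF -d $MAIL_IP -p tcp --dport 25 -j ACCEPT
# DMZ servers may reach the ISP side; no rule lets ISP or DMZ open a connection to the LAN.
-A FORWARD -i $DMZ_IF -o $WAN_IF -j ACCEPT
COMMIT
EOF
}
# Load as root with: gen_rules | iptables-restore  (needs net.ipv4.ip_forward=1)
```

Because no FORWARD rule names the internal interface as its output, a compromised DMZ server cannot open new connections to the clients; only replies to client-initiated traffic pass.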