Perimeter firewall


This topic contains 3 replies, has 0 voices, and was last updated by  Sling 4 years, 1 month ago.

    #44148

    Sling
    Member

    Is it possible to set up a perimeter firewall with ZeroShell?

    ETH01-WAN
    |
    |—ETH02 (Public servers 192.168.0.10-20 : 255.255.255.0)
    |
    ETH00-LAN (192.168.0.0 : 255.255.255.0)

    I want to be able to place firewall rules between the WAN and our public servers and set up rules between the LAN and our public servers.

    I would like to keep the public servers on the same subnet if possible.

    #53622

    redfive
    Participant

    Of course it is possible: you might create a bridge between ETH00 and ETH02, assign the IP address directly to that bridge, e.g. 192.168.0.1, then FW rules ….. even though I advise you to use a pure L3 DMZ for public servers, and ‘play’ with FW and NAT rules among all interfaces.
    Regards

    #53623

    Sling
    Member

    How would I keep the DMZ at level 3 only?

    I played with bridging the devices, thank you, that is working great.

    #53624

    redfive
    Participant

    Simply by creating, for the public servers, their own broadcast domain, not the same as the ‘private’ LAN, e.g. by assigning different IP addresses to ETH02 and ETH00 and keeping ETH02 as the DMZ and ETH00 as the private LAN ….. but if you are happy with the bridge, and it works as expected, don’t worry about it 😉
    Greetings

    #53625

    Sling
    Member

    When I first attempted this I did have the public servers on a different subnet without a bridge joining ETH00 & ETH02 but I couldn’t get them to see each other. I did try adding a static route but it didn’t help. I will give it another try.
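
The routed (L3) DMZ discussed in this thread, sketched as an added example in plain iptables-restore syntax; it is not from any poster and is not ZeroShell's own configuration. Interface roles and the LAN subnet follow the thread, while the DMZ subnet, server address, published ports and the function name `dmz_ruleset` are assumptions.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset for a routed (L3) DMZ.
# Interface roles and the LAN subnet come from the thread; everything marked
# "assumed" is a placeholder chosen for this example.
WAN_IF=ETH01
LAN_IF=ETH00
DMZ_IF=ETH02
LAN_NET=192.168.0.0/24   # from the thread
DMZ_NET=192.168.1.0/24   # assumed: DMZ subnet distinct from the LAN
DMZ_SRV=192.168.1.10     # assumed: one public server
PUB_PORTS=80,443         # assumed: published TCP services

# Prerequisites (assumed): net.ipv4.ip_forward=1 on the firewall, and each
# host uses the firewall's address on its own segment as default gateway.
dmz_ruleset() {
cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Publish the DMZ server on the WAN address; masquerade traffic leaving via WAN.
-A PREROUTING -i $WAN_IF -p tcp -m multiport --dports $PUB_PORTS -j DNAT --to-destination $DMZ_SRV
-A POSTROUTING -o $WAN_IF -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m conntrack --ctstate INVALID -j DROP
# WAN -> DMZ: only the published ports on the public server.
-A FORWARD -i $WAN_IF -o $DMZ_IF -d $DMZ_SRV -p tcp -m multiport --dports $PUB_PORTS -m conntrack --ctstate NEW -j ACCEPT
# LAN -> DMZ and LAN -> WAN: connections may be opened from the inside.
-A FORWARD -i $LAN_IF -o $DMZ_IF -s $LAN_NET -d $DMZ_NET -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -m conntrack --ctstate NEW -j ACCEPT
# DMZ -> LAN: never opened from the DMZ side; log before the drop.
-A FORWARD -i $DMZ_IF -o $LAN_IF -j LOG --log-prefix "DMZ->LAN drop: "
-A FORWARD -i $DMZ_IF -o $LAN_IF -j DROP
# DMZ -> WAN falls through to the DROP policy until a rule is added for it.
COMMIT
EOF
}
```

Source the file and run `dmz_ruleset | iptables-restore --test` to have the ruleset parsed without loading it. Only the FORWARD chain is covered; traffic addressed to the firewall itself (INPUT) needs its own rules.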
