comp.security.firewalls archive
Re: "Transparent" Mode in IPCop / smoothwall / MNF (real IP inside firewall)
Date: Fri Jul 22 2005 - 10:19:43 CEST
jcychk@gmail.com schrieb:
> Currently I want to replace my firewall (sonicwall) in data center, as
> it was configed as "transparent" mode as follows.
>
>
> Public
> |
> |
> |
> |
> Firewall (123.456.789.10)
> |
> |
> |-------------------------------------------
> | | | |
> Web1 Web2 Ftp1 Ftp2
>
> IP: 123.456.789.11 123.456.789.12 .13 .14
> Gw: 123.456.789.10 .10 .10 .10
>
>
> It means all the server inside firewal is using Real/public IP, instead
> of the 192.168 internal IP.
> And I can still control the port opening of the .11 to .14 in the rule
> setting interface.
>
>
> I have searched though all the forums and still can't get the following
> answers.
>
>
> 1. Can IPCop / smoothwall / MNF support the above setting --
> "transparent" mode ? If yes, how to set ?
>
> 2. I am not sure the above servers should be put in the lan(internal)
> or the (dmz) ?
>
> The purpose of the firewall is to protect the server and port
> forwarding only.
>
Hi,
i think, all of these servers belong to the dmz.
IPCop and Smoothwall are not able to do this for you, because they
cannot work with the same IP on the ornage nic as on the red nic.
Corporate Firewall from Smoothwall and MFN can do.
Corporate Firewall is a commercial product (i love it).I donīt know, if
MFN is a commercial product and was available als a free version, too I
think. I donīt know, if mfn is still available as free version. Perhaps
someone else knows?
Fred
Received on Thu Sep 29 19:59:10 2005