Such Thing as DMZ??

Posted: Sun Jul 18, 2004 7:21 am
by X9X0
Is anyone aware of a way to set up a DMZ host? Basically let one or more specified host to be 100% open and accessable to all ports and services on the public interface.

Posted: Sun Jul 18, 2004 10:48 am
by Bill
There are several ways. If you have enough IP addresses, you can plug the server and MT box into a switch that connects to the feed from the upstream provider. You can also setup 1:1 NAT so that all traffic headed to one of the Public IP's on the MT box is routed to the server. You could also put in a bridge interface and put a Public IP on the server. The first method would require a software firewall, since the server would be fully exposed to the internet. With the other methods, you could put rules into the MT firewall to protect the server.

Posted: Sun Jul 18, 2004 11:16 am
by lastguru
And of course the most like correct method is to ask the provider to route some real IP addresses behind your router for the DMZ, so you could route thaem to the actual computers.

Posted: Mon Jul 19, 2004 2:17 pm
