
Re: Firewall Planning



No point in having an external firewall if you have an internal wireless (open) network for anyone who wants to use it. You might as well hang a network cable out your window for anyone to use.

On Tue, 21 Oct 2003 11:04:12 -0500, red Sent a mail to Ken Gilmour stating the following:
>All, this may have come up a billion times in the past, but I am
>setting up a FW and I have some basic questions:
>
>Setup 1: (idea at least)
>
>Public ip 64.1.1.x
>upstream 64.1.1.
>
>                                           DMZ HOST (ports 80,993,143,53)
>                                          /
>(internet)---DSLmodem---(64.x)FW(2.x)--HUB
>                                          \
>                                           Linksys (Wireless router)
>                                             \          \     1.1.1.0/24
>                                              \          \
>                                          workstation, workstation
>
>
>I have 5 static IPs. I'm using a p400 with two NICs (deb woody)
>
>Goals: I want to do Packet Filtering and logging for the DMZ and the
>workstations:
>
>Questions: 1) Do I need three NICs on the Firewall, one for the
>DMZ?
>2) In the drawing above I am running DHCP on the LAN with the
>Linksys Wireless router. Should I run DHCP on the LAN interface on
>the FW instead? What would be the benefits/drawbacks?
>3) If the WAN interface in the router is a 64.1.1.x and the LAN
>interface is a 2.x.x.x/24 will I be able to route the 1.1.1.x/24 and
>DMZ host through the FW?
>4) I want to use iptables because I heard they are more advanced
>than ipchains, is this true?
>5) I am somewhat familiar with the command line iptables commands,
>but was curious as to what other (non gui) tools I could use to
>write rules?
>
>
>
>Thanks in advance -red