Dual nic with DMZ via firewall
- From: dsellinger@xxxxxxxxx
- Date: 27 Mar 2007 01:08:17 -0700
I will be installing sbs standard next week and I would like to setup
the WAN NIC to be in our firewalls DMZ. (currently zywall100 dmz port -
switch -> 2 web servers)
Are there any problems with this? Local web access should continue to
use firewall as gateway, but web facing sbs services like incoming
email or rww would be protected via DMZ firewall rules.
Somehow I feel a lot safer poking holes into the DMZ then onto the
LAN. But then the usual protection of the DMZ doesn't exist anymore.
If the SBS box is compromised then it also exists on the LAN so maybe
it makes no difference. I still think i would prefer to have SBS on
the DMZ so that it can use it's own IP address and not just share the
firewalls. I guess I would rather not have it's IP resolve to any
name either.
Also will there be routing problems with LAN users checking email etc.
if exchange is bound to an external IP?
Thanks for your suggestions/expertise .
(btw zywall100 is a good firewall with a real DMZ port)
.
- Follow-Ups:
- Re: Dual nic with DMZ via firewall
- From: Leythos
- Re: Dual nic with DMZ via firewall
- Prev by Date: Roaming Profiles
- Next by Date: Re: SBS 2003 - install msde 2000 with sql 2005 express
- Previous by thread: SBS2000 Exchange to SBS 2003 Exchange
- Next by thread: Re: Dual nic with DMZ via firewall
- Index(es):
Relevant Pages
|
