Hi everybody
I have a problem with a firewall that I have been trying to set up.
The case is that I need to set up a firewall between the corporate LAN and
the internet and allow public access to a web server. So I thought (after
having read a lot of posts about DMZ) this is a classic DMZ scenario, but as
I tried to implement it (using ipchains and RH6.1) I found that the routing
is a bit of a problem. Here comes a scheme to make it clear how my setup is:
The firewall has three NICs:
Internal: eth0, 192.168.10.10/255.255.255.0
DMZ: eth1, 172.24.42.200/255.255.0.0
External: eth2, 172.24.42.100/255.255.0.0
The WEB-server has ip 172.24.42.222/255.255.0.0
The problem is that RH put up a route from 172.24.0.0 to eth1 AND eth2,
which makes all the packets end up in the wrong places.
This ends with two questions:
How do I remove the route?
Is this approach good / correct? How should a DMZ otherwise be set up?
Thanks in advance
Jacob Kjeldahl
Spobjergvej 42,12
8220 Brabrand
tlf. 894449176
[EMAIL PROTECTED]
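
The routing conflict described in the message above, as an added example that is not part of the original post: a Python check that derives the connected network for each interface from its address and netmask and reports which interfaces claim the same destination. The `SPLIT_PLAN` addresses are constructed for illustration and are not from the post.

```python
import ipaddress

# Interface plan copied from the post (name -> address/netmask).
INTERFACES = {
    "eth0": "192.168.10.10/255.255.255.0",  # Internal
    "eth1": "172.24.42.200/255.255.0.0",    # DMZ
    "eth2": "172.24.42.100/255.255.0.0",    # External
}
WEB_SERVER = "172.24.42.222"

# Constructed alternative (assumption, not from the post): DMZ and
# external side placed in disjoint /24 networks.
SPLIT_PLAN = {
    "eth0": "192.168.10.10/255.255.255.0",
    "eth1": "172.24.43.200/255.255.255.0",
    "eth2": "172.24.42.100/255.255.255.0",
}

def connected_networks(interfaces):
    """Map each interface to the directly connected network implied by
    its address and netmask."""
    return {name: ipaddress.ip_interface(cidr).network
            for name, cidr in interfaces.items()}

def overlapping_pairs(interfaces):
    """Return (ifA, ifB, netA, netB) for every pair of interfaces whose
    connected networks overlap."""
    nets = connected_networks(interfaces)
    names = sorted(nets)
    return [(a, b, nets[a], nets[b])
            for i, a in enumerate(names) for b in names[i + 1:]
            if nets[a].overlaps(nets[b])]

def candidate_interfaces(interfaces, dest):
    """Interfaces whose connected network is the longest-prefix match for
    dest. More than one name means the destination is ambiguous."""
    addr = ipaddress.ip_address(dest)
    hits = [(net.prefixlen, name)
            for name, net in connected_networks(interfaces).items()
            if addr in net]
    if not hits:
        return []
    best = max(prefix for prefix, _ in hits)
    return sorted(name for prefix, name in hits if prefix == best)

if __name__ == "__main__":
    for a, b, na, nb in overlapping_pairs(INTERFACES):
        print(f"overlap: {a} ({na}) and {b} ({nb})")
    print("web server reachable via:", candidate_interfaces(INTERFACES, WEB_SERVER))
    print("split plan overlaps:", overlapping_pairs(SPLIT_PLAN))
```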