I am no firewall expert, but I would ASSuME that this topology is inherently
weak.  Should not the firewall be dual-homed and be placed between the
router and the LAN hub?

What is preventing your internal PCs from being hit directly via the hub
w/o passing through the firewall first?

In your current scenario, yes.  You would have problems applying rules to do
anything here.

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of benjamin.c
Sent: Monday, July 24, 2000 3:04 AM
To: [EMAIL PROTECTED]
Subject: Building Firewalls.


Hi all

I am setting up a firewall on a private 2Mb LAN away from our main network.
Now there is a router that the 2Mb pipe feeds into, and what I want to do is
place the firewall with the PCs that are on the 2Mb LAN, because we have no
space left in the rack. Would this affect me applying rules onto this
network?


                 Router
                    |
                    |   2Mb Pipe
                    |
                    |
                    |
                 -------
     ---------| HUB |--------------
    |           --------                 |
    |              |    |                  |
    |              |    |                  |
    |              |    |                -------
    |          --------|               |FW-1 |
    |         | PC    ||               --------
    |          --------|
  ------                |
 | PC  |               |
 -------                |
                    -----------------
                   | HTTP WEB    |
                   | Server(linux)|
                   -----------------

Now would one have problems applying rules to, let's say, stop traffic from
the outside world to the webserver, and then all the other PCs, and then
stop the other PCs from, let's say, FTPing to the internet?

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]

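The topology point raised in the reply, as an added example that is not part of the original thread: a firewall can only enforce rules on traffic that has to cross it, so the check below unplugs the firewall from a model of each layout and lists the hosts the router can still reach. The node labels PC1, PC2 and WEB and both adjacency maps are constructed for this example from the diagram in the question.

```python
from collections import deque

# Constructed link-level topologies; names follow the thread's diagram.
FLAT = {  # as drawn: the firewall hangs off the hub beside the hosts
    "Router": ["HUB"],
    "HUB": ["Router", "PC1", "PC2", "WEB", "FW-1"],
    "PC1": ["HUB"], "PC2": ["HUB"], "WEB": ["HUB"], "FW-1": ["HUB"],
}
INLINE = {  # as suggested: dual-homed firewall between router and hub
    "Router": ["FW-1"],
    "FW-1": ["Router", "HUB"],
    "HUB": ["FW-1", "PC1", "PC2", "WEB"],
    "PC1": ["HUB"], "PC2": ["HUB"], "WEB": ["HUB"],
}
HOSTS = ["PC1", "PC2", "WEB"]


def reachable(graph, start, blocked=()):
    """Breadth-first search; nodes in `blocked` are treated as unplugged."""
    blocked = set(blocked)
    seen, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        for nxt in graph.get(node, []):
            if nxt not in seen and nxt not in blocked:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def bypassable_hosts(graph, outside, firewall, hosts):
    """Hosts `outside` can still reach once the firewall is removed.

    An empty list means the firewall is a chokepoint: every path from
    `outside` to each host crosses it, so its rules see all the traffic.
    """
    without_fw = reachable(graph, outside, blocked={firewall})
    return sorted(h for h in hosts if h in without_fw)


if __name__ == "__main__":
    for name, topo in (("flat", FLAT), ("inline", INLINE)):
        print(name, bypassable_hosts(topo, "Router", "FW-1", HOSTS))
```

The model covers link-level connectivity only; it says nothing about which rules the firewall then applies.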