I am building a DMZ comprised of 2 FW-1 firewalls. Should I use private or
public addresses in the DMZ. In other words, I was going to setup my DMZ
with public address on the external nic of the firewall facing the internet
and have private addresses on the internal nic.
The private addresses in the DMZ would be different from the private
addresses in my internal network. Therefore, the external nic of my Internal
firewall, the one connected to my private network and the DMZ, will have
addresses of the DMZ.
(Public IP)
x.x.x.x
External Firewall
192.x.x.x
*
*
DMZ*****Server(192.x.x.x)
*
*
192.x.x.x
Internal Firewall
x.x.x.x (Private IP)
The management server will be in my private network. Will this cause a
problem with pushing out policies and putkeys?
What might be the pros and cons of this config?
Also, can anyone let me know of any good sources of how to build a secure
DMZ?
________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
