> " Whether you want a DMZ or not (YES, PROXY, NAT, PRIVATE, NO) " > > Proxy > NAT > Private... > > Does PRIVATE mean, that i have a DMZ, but with PRIVATE ip ranges etc,
YES - This is a traditional "routed" DMZ...your ISP routes a block of IP's to the external interface of your firewall PROXY - A "Proxy-ARP" DMZ...used if you've got a block of static IP's from your ISP. The firewall essentially "glues together" two identical network segments, allowing your DMZ systems to be configured with public IP's (just like they were connected directly to your upstream modem), but still having the protection of a firewall. NAT - Similar to a Proxy-ARP setup, but uses static-NAT translation instead. Each DMZ system is configured with a private IP, and a translation table is built, converting public IP's to the private IP of your DMZ systems. PRIVATE - This architecture is unique...it port-forwards specific services to DMZ machines, which have private IP's. The main benifit is you don't have to have multiple IP's assigned to be able to implement this form of DMZ. NO - No DMZ Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user