[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] How to setup a dual FW1 DMZ?

To: 'Brock Bruner' <bbruner@OPENFS.COM>
Subject: RE: [FW1] How to setup a dual FW1 DMZ?
From: Lee Hughes <lee@polestar.co.uk>
Date: Wed, 1 Nov 2000 14:12:51 -0000
Cc: "'fw-1-mailinglist@lists.us.checkpoint.com'" <fw-1-mailinglist@lists.us.checkpoint.com>

    [ The following text is in the "iso-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]


bad idea to put your mail server on the internal network...

best to get a linux machine, config it with send mail and stick it on the
dmz

the config your fire rules something like this

internet ---> dmz mail server  allow
dmz mail server ---> Internal Mail server  allow
internal mail server ---> dmz mail server allow
dmz mail server --> internet smart host mail server allow

as you can see, much more secure... ;-)...

remember , security is more politics and opinion than hard and fast fact's

Cheers,
Lee
-----Original Message-----
From: Brock Bruner [mailto:bbruner@OPENFS.COM]
Sent: 31 October 2000 17:45
To: 'fw-1-mailinglist@lists.us.checkpoint.com'
Subject: [FW1] How to setup a dual FW1 DMZ?



I have seen a lot of examples of how to setup a DMZ by using three
interfaces, one for each part of the network.  Does anyone have any examples
on how to setup a two firewall network that contains a DMZ? See my example
below.


INTERNET ---- FW#1 ---- DMZ ---- FW#2 ---- NETWORK

I am mostly concerned with the fact that the company want to put our mail
server on the internal network.  I just want to make sure that I can have
e-mails get all the way in any out from the internet.  I also want to use
NAT at both firewalls if possible.


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] Outer World, DMZ..and Internal NAT
Next by Date: Re: [FW1] Outer World, DMZ..and Internal NAT
Prev by thread: Re: [FW1] Outer World, DMZ..and Internal NAT
Next by thread: RE: Reading Archives (was RE: [FW1] FW performance)
Index(es):
- Date
- Thread