[fw-wiz] Basic hardware setup

Marty Richards marty@netwaynetworks.com.au
Tue, 5 Jun 2001 13:54:37 +1000


Hi Stuart,
 
Are your servers meant to be internet accessable? If not, why not move them
to the LAN and remove the need to route between the LAN clients and the
servers.
 
Our setups look something like:

1 ethernet card to the internal LAN
1 ethernet card to the cisco/internet
1 ethernet card to the DMZ.

I would put the dialup clients and any internet accessable servers into the
DMZ. There are some grey areas here though and opinions may differ.

Cheers,
Marty

> -----Original Message-----
> From: Stuart Clark [mailto:sclark@spacelink.com.au]
> Sent: Monday, 4 June 2001 6:06 PM
> To: firewall-wizards@nfr.com
> Subject: [fw-wiz] Basic hardware setup
> 
> 
> Hi,
> 
> I'm setting up a firewall linux box.
> 
> I have
> a cisco 3620 going to the backbone
> servers web,email etc
> a lan
> dial up customers connected to a ascend Max 6000 NAS
> 
> 
> I realise i need in my firewall
> 1 ethernet card to connect to my cisco
> 1 ethernet card to connect to my servers (10.0.0.1)
> 1 ethernet card to connect to my lan (192.168.0.1)
> 
> QUESTIONS
> 1 ) What is the best hardware way to get my dialup user 
> traffic through the
> firewall as well? Do i need to add another ethernet card?
> 2) If I need another ethernet card do i make the subnet from 
> the cisco to
> the firewall different to the subnet from my users to the firewall?
> 
> Regards
> Stuart Clark