Security Basics mailing list archives
Re: Access Internal and External Networks
From: alias () securityfocus com
Date: Mon, 22 Sep 2003 14:39:35 +0300
IMHO, and given these choices, go for 2. For the first choice, you should at best build a firewall for every machine individually, which is a trouble by itself. Moreover, you do not create a chokepoint or single point of failure that is generally considered a good idea when building firewalls. Finally, properly setting up the machine that will do the DNATing, you will have more control over what goes to the servers and what not. just my 0.02 CG On Friday 19 September 2003 01:42, william () orlitech com au wrote:
I have a need for some servers to access both the external network and the internal network and am wondering which approach would be best: 1. 2 NIC's in each server one connected to the external network and one connected to the internal network 2. 1 NIC in each server connected to the internal network and DNAT the required ports from the external address to the internal address Thanks William
____________________________________________________________________ http://www.freemail.gr - ������ �������� ������������ ������������. http://www.freemail.gr - free email service for the Greek-speaking. --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Access Internal and External Networks william (Sep 19)
- Re: Access Internal and External Networks JGrimshaw (Sep 19)
- Re: Access Internal and External Networks John Hollyoak (Sep 19)
- RE: Access Internal and External Networks David Gillett (Sep 19)
- Re: Access Internal and External Networks Ansgar -59cobalt- Wiechers (Sep 22)
- Re: Access Internal and External Networks alias (Sep 22)
- <Possible follow-ups>
- RE: Access Internal and External Networks Hagen, Eric (Sep 19)
- RE: Access Internal and External Networks Meidinger Chris (Sep 22)