RE: Access Internal and External Networks

[Meidinger Chris <chris.meidinger () badenit de>]

Although management headaches may abound, my preffered setup is:

                                   |--> Server 1 <--|
INTERNET <--> External Firewall <--|--> Server 2 <--|--> Internal Firewall
<--> LAN
                                   |--> Server 3 <--|

Putting a NIC in each of 2 firewalls for each server can be a bit of a
headache, but the kind of granular control that is available is (in my
opinion) worth it.

just 20% of a Dime,

Chris

-----Original Message-----
From: william () orlitech com au [mailto:william () orlitech com au] 
Sent: Friday, September 19, 2003 12:42 AM
To: security-basics () securityfocus com
Subject: Access Internal and External Networks




I have a need for some servers to access both the external network and the
internal network and am wondering which approach would be best:

1. 2 NIC's in each server one connected to the external network and one
connected to the internal network

2. 1 NIC in each server connected to the internal network and DNAT the
required ports from the external address to the internal address

Thanks

William

---------------------------------------------------------------------------
Captus Networks 
Are you prepared for the next Sobig & Blaster? 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans 
 - Precisely Define and Implement Network Security 
 - Automatically Control P2P, IM and Spam Traffic 
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit 
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------

---------------------------------------------------------------------------
----------------------------------------------------------------------------