Maximum number of subnets on a firewall

[Paolo Supino <paolo () telmap com>]

Hi 

  A couple of weeks ago I sent an email about a possible firewall layout for
3 companies. After reading the answers and doing some drawings in visio (if
anyone has has a better tool, please le me know) I setup the firewall in the
following way
(BTW: Their needs turned out to be more complex than simply having a LAN
segment a DMZ segment and an outside segment for each of them): 
1. a Single firewall for all 3 companies. This is because all 3 companies
will also share the same outsourced IT department.  
2. Each company gets a segment to for their company LAN. 
3. There is 1 segment that is considered internet segment where all
companies will have their internet servers.
4. Each of the companies needs/wants a segment where they can setup their
own product's servers and want to be able to control the source IP of the
client closely on a need basis and don't want to share the same segment.
5. 1 segment is connected to the router. 
6. The company giving the IT service insisted on having all resources in 1
room and have  separate segment for out of band management of the servers.  
7. 1 segment will have a WIFI access point connected to it and according to
the logon user used access will be granted to the right lans (tried to
object to this but failed). 


  This setup was made resdundent by having an active-passive duo setup.
That's it, comments, ideas are welcome.  




        Paolo 
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards