[ previous ] [ next ] [ threads ]
 
 From:  Adam Gibson <agibson at ptm dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] m0n0wall @ colocation facility
 Date:  Mon, 06 Dec 2004 14:49:46 -0500
Jason J. Ellingson wrote:
> I run 8 servers at a co-location facility with m0n0wall protecting them.
...
> All my servers have two NICs... so one gets a WAN (real world) IP and one
> gets a LAN (private) IP.  If you have only one NIC, that's okay... just give
> both IPs to the same NIC.

 From an access control perspective, Why even separate your servers from 
your LAN if you are just going to dual nic the servers on the OPT1 
network connecting to your LAN.  If the servers are compromised they 
have direct access to your LAN that way without any access control from 
the firewall.