|
||||||||
Jason J. Ellingson wrote: > I run 8 servers at a co-location facility with m0n0wall protecting them. ... > All my servers have two NICs... so one gets a WAN (real world) IP and one > gets a LAN (private) IP. If you have only one NIC, that's okay... just give > both IPs to the same NIC. From an access control perspective, Why even separate your servers from your LAN if you are just going to dual nic the servers on the OPT1 network connecting to your LAN. If the servers are compromised they have direct access to your LAN that way without any access control from the firewall. |