|
||||||||||
> > My plan is to make the test server visible from the LAN but not the WAN. > > > > Ok, but why do you put it in the DMZ then? > The purpose of putting it in the DMZ is first to test, then make live. I just don't want to be attacked until I've worked out the bugs. I am basically trying to move our servers off the LAN onto the DMZ and since I'm the only fish (admin) in my fish bowl, this forum is where I bounce my ideas. Thanks -Don On 4/18/05, Ugo Bellavance <ugob at camo dash route dot com> wrote: > Don Munyak wrote: > > This is probably a noob question, but I just want to confirm first. > > > > I have setup m0n0wall v1.11 with three interfaces, WAN, LAN, DMZ. I > > have not yet moved any servers from the LAN over to the DMZ. The NAT > > 1:1 is currently coming into specific LAN servers. > > > > Our LAN network is 192.168.222.0 /24 > > The DMZ network is 192.168.10.0 /24 > > Test server 192.168.10.5 /24 > > > > I want to put a test webserver on the DMZ, but I don't want to make it > > public, nor suseptable to WAN traffic. By simply not specifying any > > NAT or Server settings will allow the server on the DMZ network to > > remain invisible to internet traffic...Correct ?? > > Yes. You can even enforce a firewall rule if you want. > > > > > The next step of testing I was planning to add an entry in one of our > > internal DNS servers with a static router in m0n0wall for accessing > > the webserver. Does this sound reasonable ? > > > > It works here. > > > My plan is to make the test server visible from the LAN but not the WAN. > > > > Ok, but why do you put it in the DMZ then? > > > Thanks > > > > - Don > > Ugo > > (I'm a newbie too, please correct me if i'm wrong) > > --------------------------------------------------------------------- > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch > > |