[ previous ] [ next ] [ threads ]
 From:  Don Munyak <don dot munyak at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Fwd: [m0n0wall] Design question using MONOWALL
 Date:  Tue, 4 Oct 2005 12:15:19 -0400
>> I have a client that has been assigned a /28 subnet for public IP's.  Their
>> internal network will be a 192.168.1.X network however the question is where
>> the best place to put their servers, NATed on the same network or in the
>> DMZ.  In either case, all servers will have there own host firewall
>> protection, but I wanted to know what makes the most sense.

Placement of the servers..

If the servers are being accessed from the internet, standard rule of
best practices says to place these in DMZ, separate from the LAN.

If LAN pc's need access to the servers, then you will probably want to
setup a private secondary DNS to allow LAN pc access to these servers.

- Don