So basically, you're saying that the Aux interface is fundamentally the same as the inside interface on a firewall?  So I can assign non routable addresses to hosts in the DMZ zone, have the firewall use NAT to allow access to websites within the DMZ zone, and apply rules and filters to it as well?
----- Original Message -----
Sent: Monday, March 19, 2001 3:48 PM
Subject: RE: DMZ

I wouldn't have requests coming to the third interface at all; I'd have them come to the outside interface and be forwarded to the third interface, the same as if it were another inside network. Even make the addresses non-routable, if possible.
 
--
Mimi L. Carpenter, Network Security Engineer
Screen Actors Guild Producers Pension and Health Plans
I speak only for myself.
 
-----Original Message-----
From: Edward Ingram [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 19, 2001 3:28 PM
To: [EMAIL PROTECTED]
Subject: DMZ

When it comes to setting up DMZ zones, can the same set of filters and rules be applied to a DMZ (Aux) interface of a firewall as could be applied to the inside/outside interface?  Our company hosts a number of websites and I'd like to place them in a DMZ zone to separate them from our network users, but I'd also like to protect them as well.
 
 

Reply via email to