bad idea to put your mail server on the internal network...
best to get a linux machine, config it with send mail and stick it on the
dmz
the config your fire rules something like this
internet ---> dmz mail server allow
dmz mail server ---> Internal Mail server allow
internal mail server ---> dmz mail server allow
dmz mail server --> internet smart host mail server allow
as you can see, much more secure... ;-)...
remember , security is more politics and opinion than hard and fast fact's
Cheers,
Lee
-----Original Message-----
From: Brock Bruner [mailto:[EMAIL PROTECTED]]
Sent: 31 October 2000 17:45
To: '[EMAIL PROTECTED]'
Subject: [FW1] How to setup a dual FW1 DMZ?
I have seen a lot of examples of how to setup a DMZ by using three
interfaces, one for each part of the network. Does anyone have any examples
on how to setup a two firewall network that contains a DMZ? See my example
below.
INTERNET ---- FW#1 ---- DMZ ---- FW#2 ---- NETWORK
I am mostly concerned with the fact that the company want to put our mail
server on the internal network. I just want to make sure that I can have
e-mails get all the way in any out from the internet. I also want to use
NAT at both firewalls if possible.
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
