Dan, Thanks for the response.
> Do you have the subnet set to 255.255.248.0 or wider across all the machines > across the LAN & DMZ? All subnet masks are 255.255.255.0 Is that OK? > Instead, I usually use 192.168.1.x for the internal LAN and 192.168.0.x for > the DMZ zone; with a "double-C" subnet of 255.255.254.0. > > If I only have one server in the DMZ - Better since it's easier to harden a > single machine - I assign it 192.168.1.2, and the rest of the machines inside > the firewall 192.168.1.3 through ...250. The DMZ will be a single machine. Primarily a game server and FTP server for tranferring files from work to home and back that are too large to email. I am confused be your response where you say 192.168.0.x for the DMZ but later say you assigned it 192.168.1.2. What am I missing? My main subnet is all using fixed IPs of 192.168.1.x. This consists of a houseful of Win 98 machines used for email and web access primarily. The DMX is a Redhat machine. Thanks, Kory > Hope this helps! > Dan > > >-----Original Message----- > >From: Kory Krofft > >Sent: Tuesday, December 25, 2001 4:09 PM > >To: [EMAIL PROTECTED] > >Subject: [Leaf-user] adding a subnet > > > > > >Merry Christmas! > >I am adding a subnet so I can later open it up as a DMZ. I have made > >some progess so far. Using Dachstein floppy my plan looks like this: > >eth0 Public side of the lrp > >eth1 private net 1 using 192.168.1 subnet > >eth2 private net 2 (DMZ) using 192.168.10 subnet > > > >LRP can ping both subnets > >subnets cannot ping each other > >192.168.10 cannot ping anything > >192.168.1 has full internet access but cannot ping past firewall(name > >resolution works) > > > >Assume the simplest errors and send me a note please. If you wish to see > >a particular config file just ask and I will post the pertinent section. > > > >Thank you, > > > >Kory Krofft _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
