Actually, IMO there are a number of possible designs, depending on what you want to allow or not.
The place where I'm at just recently went through another transformation... Where a number of separate businesses share officespace and typically Internet bandwidth. In a previous configuration, I placed one company's physical network "behind" another network. Using default gateways and static routing, I enabled the "behind" network's gateway to point directly to the Internet Gateway through the other network. No one on each network could see the other at all (except for my own machine which was configured multi-homed on both networks for administration). My current configuration physically connects two company's networks because they share a broadcast-based service... But through subnetting <normally> each company can only see its own machines. Because all it would take is to use a less restrictive subnetmask to see the other network, it's less secure than the first design. The design John describes should work also, "DMZ" is only a name to describe one of the zones in a multi-homed router with configurable rules for each zone. Tony -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of John Tolmachoff Sent: Monday, April 08, 2002 8:30 AM To: [EMAIL PROTECTED] Subject: RE: [SonicWALL]- Bandwidth Sharing We do the same with a client next door to us. Although we use ISA server as the firewall, the logic is the same. They are connected to the switch off of the DMZ. They are on a separate subnet with a public IP. (I sub netted our IP addresses at the router.) They use a Linksys (DSL) router, with the WAN interface being the public IP we assigned. It is working well. John Tolmachoff IT Manager, Network Engineer 211 E. Imperial Hwy., Suite 106 Fullerton, CA� 92835 714-578-7999, ext. 104 [EMAIL PROTECTED] www.reliancesoft.com � -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Chris Hunt Sent: Monday, April 08, 2002 7:58 AM To: [EMAIL PROTECTED] Subject: [SonicWALL]- Bandwidth Sharing I'm thinking about sharing my T-1 (don't worry, it won't effect list delivery ;) with a supplier 200 yards away. Not being a ISP, I'm wondering how I should link the wireless into the wired. I could use a public IP and have them in the switch that is plugged into the DMZ port of my Sonicwall. Or insert a switch between the router and the sonicwall. Or could I use a internal IP and plug them in the LAN side of the sonicwall. Chris --- [This E-mail scanned for viruses by Declude/F-Prot Virus] ==================================================================================================To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email put the following: unsubscribe sonicwall your_name The archive of this list is at http://www.mail-archive.com/sonicwall%40peake.com/
