Gary Buckmaster wrote:
Echo what Tim said. Given this new set of information about your
network setup, 1:1 NAT would be a much more appropriate choice for
this particular network.
PS... I opted for 1:1 rather than bridging. This gives the servers
public addresses, but also allows me to expand in ways not possible with
bridging.
Along the same lines, something I can't do with my bridged DMZ setup is
CARP (failover), but that's something I want to do, as the firewall in
question is pretty critical to my organisation. If we had it in a 1:1
NAT situation, we would be able to do CARP. Just another idea to add to
your reasons for going with 1:1.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
