Re: PIX firewalling web servers
From: Wolfgang Kueter (wolfgang_at_shconnect.de)
Date: 07/23/04
- Next message: DDDD: "Re: Zone Alarm True Vector Monitor"
- Previous message: Dave Bowman: "Re: Redirect outside traffic on a specific internal address on pix506"
- In reply to: Daniel Foster: "PIX firewalling web servers"
- Next in thread: T. Sean Weintz: "Re: PIX firewalling web servers"
- Reply: T. Sean Weintz: "Re: PIX firewalling web servers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 23 Jul 2004 18:41:37 +0200
Daniel Foster wrote:
> Hi,
>
> We need to run a firewall in front of our web servers.
- Why?
- What kind of 'firewall'? Packet filter or proxy?
> They are on
> multiple subnets, so the solution would seem to be to have the internet
> connection coming into a perimeter router, then to the firewall, then to
> an internal router and out to the servers.
Ever thought of using VLAN's?
> I'm having a bit of
> difficulty finding any examples of this configuration, although it must
> be in use a lot. Could anyone run through the specifics or provide an
> example configuration? If possible I'd like to avoid running NAT and PAT.
The PIX is not a router.
Wolfgang
-- A foreign body and a foreign mind never welcome in the land of the blind Peter Gabriel, Not one of us, 1980
- Next message: DDDD: "Re: Zone Alarm True Vector Monitor"
- Previous message: Dave Bowman: "Re: Redirect outside traffic on a specific internal address on pix506"
- In reply to: Daniel Foster: "PIX firewalling web servers"
- Next in thread: T. Sean Weintz: "Re: PIX firewalling web servers"
- Reply: T. Sean Weintz: "Re: PIX firewalling web servers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
