[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[suse-security] Firewall with one physical and one virtual interface
Hi list,
I have multiple dedicated servers at a provider that does not offer a
firewall. Nor is it possible to get a second network interface for one of
the servers and configure it as a firewall. I was therefore thinking of
reconfiguring one of the servers as a firewall with a physical interface to
the outside world and a virtual interface to the inside. The internal
interface of the firewall and all servers would be assigned a private IP
address. The firewall would perform DNAT for the servers.
What are your security concerns about this setup?
Note: I really need a firewall for the servers because they are running
Win2K & Win2K3.
The setup is like this:
#
#
# eth0 (public IP)
####################
# #
# FIREWALL #
# (performs DNAT) #
####################
# eth0:0 (private IP)
#
## ##
(private IP)# # (private IP)
########## ##########
# # # #
# SRV1 # # SRV2 #
# # # #
########## ##########
thanx,
Lukas
--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here