Re: [Devil-Linux-discuss] PLEASE HELP VERY URGENT!!! SOS

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

pes coe wrote:
> let me explain you the situation first
> we have a static IP from our internet service provider ok
> our router is a ADSL router with wifi and dmz capabilities
> it has 4 ethernet ports and wifi access

> Second subnet is a class B network for local LAN
> i have considered 172.0.0.10/255.255.0.0 <http://172.0.0.10/255.255.0.0> 

> NOW we have dedicated DMZ server which was earlier connected directly to 
> ADSL router
> BUT now we want it to be in LAN as well
> please let me know how to configure third NIC which subnet it should have
> 
> 1)WHAT SUBNET should i have for 3rd NIC on DL firewall ?  172 network or 
> 192 one (i assume as class b or class c)

Whatever you like so long as it's different from all the other subnets in the 
world or one from the range private network addresses allocated for this purpose 
masqueraded behind the firewall.

Normally what you do is chose 2 subnets, one for your LAN, say 192.168.1.0/24, 
and one for your DMZ, say 192.168.2.0/24, and set port forwards from outside to 
the appropriate place using DNAT in your firewall.

You can also add routing from LAN to DMZ in the firewall if you want to access 
your DMZ from the LAN.

You can use fwbuilder on some other machine to create the firewall exactly how 
you want and download it to your DL system.

Dick