Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

basics logo Security Basics mailing list archives

Re: Access Internal and External Networks
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Sat, 20 Sep 2003 02:54:16 +0200
On 2003-09-18 william () orlitech com au wrote:

I have a need for some servers to access both the external network and
the internal network and am wondering which approach would be best:

1. 2 NIC's in each server one connected to the external network and
   one connected to the internal network

2. 1 NIC in each server connected to the internal network and DNAT the
   required ports from the external address to the internal address


Use a DMZ-setup like this:

ExternalNet---RouterA---Switch---RouterB---InternalNet
                          |
                        Servers

or

ExternalNet---Router---InternalNet
                |
              Switch
                |
              Servers

I also suggest to re-evaluate if you *really* need the servers to access
the internal network, as it would violate the DMZ. It's better practice
to move everything that the servers need to access to the DMZ as well
(or at least to another separate network). IMHO.

Regards
Ansgar Wiechers

---------------------------------------------------------------------------
----------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]