ipfw - accessing DMZ from LAN
Freddie Cash
fjwcash at gmail.com
Sat Oct 1 20:02:46 UTC 2011
On Oct 1, 2011 12:16 PM, "Marek Salwerowicz" <marek_sal at wp.pl> wrote:
>
> W dniu 2011-09-30 17:44, Freddie Cash pisze:
>
>>
>> that's the correct behaviour, as the public IPs are physically assigned
to
>> the interfaces on the router. Thus, connecting to the public IPs from
the
>> router ... will connect to the router.
>>
>> You need to ping the private IPs from the router, since the router is
>> directly connected to the private networks.
>>
> And how about pinging from other DMZ host to DMZ host (both are in the
same subnet) ?
> Am I able to allow them to contact using public IPs?
No. They would have to connect using private IPs.
However, you could setup split-DNS or views and just configure everything to
connect using hostnames. It's extra work to setup, but does make things
easier down-the-road.
Freddie
fjwcash at gmail.com
More information about the freebsd-net
mailing list