Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [dmz]

In computer security, a DMZ, or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization's external services to a larger untrusted network, usually the Internet. The term is normally referred to as a DMZ by information technology professionals. It is sometimes referred to as a perimeter network.

In computer security, a DMZ, or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization's external services to a larger untrusted network, usually the Internet. The term is normally referred to as a DMZ by information technology professionals. It is sometimes referred to as a perimeter network.

The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external attacker only has access to equipment in the DMZ, rather than any other part of the network.

204 questions
0
votes
2 answers

Debating our network structure (DMZ, database, service)

We're trying to decide where we should locate different servers. Should we put them in the DMZ? In our trusted network zone? And so on... Lots have been written on this topic, but there seems to be different opinions on whether or not to allow…
Tommy Jakobsen
  • 259
  • 5
  • 10
0
votes
2 answers

Cisco ASA5505, packet trace shows bootps and bootpc traffic is dropped on DMZ interface

As the title already states, I have a problem getting DHCPd working on the Cisco ASA5505 version 7.2 with ADSM 5.2 with the basic license. Its an older one I know, and every time I tend to forget how this machine works. Anyway, I have 3 VLAN's…
Johannes
  • 1
  • 1
0
votes
2 answers

Implement a new dns server in a DMZ

I currently have a few Dns servers (ad Integrated). Internally we are using domain.local and one ISA server running DNS domains domain.com and some other .com domains. I have one server that is an ISA server running the domain.com dns as well as…
Mpayze
  • 1
  • 2
0
votes
1 answer

SMB for specific user from DMZ to internal

I've got one server in a DMZ which has limited access via SMB to another one in the internal network. A web server on that external machine needs access to a whole partition on that internal server. I'm still using a quick and dirty solution. the…
Sn0opy
  • 157
  • 1
  • 10
0
votes
1 answer

Centralizing our FTP processes via an SFTP server in our DMZ

We have a number of various FTP processes, running on various internal servers, that connect with outside vendors to send or receive sensitive data files. As such, we don't have one centralized place to keep track of these processes and log what…
Derek
  • 103
  • 1
  • 4
0
votes
1 answer

Giving a VM access to a physical NIC on the host

I am running VMware Server 2.0.2 with 2 VM's. One of the VM's I want to have bridged with the domain/primary NIC of the host which I have done successfully. I want the other VM to have access to only the other NIC on the host which is wired directly…
qroberts
  • 285
  • 1
  • 4
  • 23
0
votes
2 answers

Slow Routing Problem

I've got the following network: ADSL(10.) --- Router (10.0.0.50,172.0.0.1) --- "HTTPServer (172.0.0.10)" | | --- "HTTPS Server" (10.0.0.3) --- Another computer (10.0.0.5) I configured my ADSL router to forward HTTPS to…
Joseph-Verdugo
0
votes
2 answers

Fortigate 40c Firewall Configuration

Does anybody know if is it possible to Un-bridge ports on forgiate 40c? I want to use the fortigate 40c to define and control (block/allow) port traffic for the following 4 ip ranges (each ip range belongs to a different server). port1 -…
RuSh
  • 145
  • 1
  • 3
  • 8
0
votes
2 answers

Fortigate Firewall - DMZ vs Interface ports

I'm considering buying a Fortigate 50b (or Fortigate 60b) firewall to separate my web (iis) machine from the DB machine. (See http://www.fortinet.com/doc/FGT50_100DS.pdf) Till now the two servers were connected directly via a cross cable using the…
RuSh
  • 145
  • 1
  • 3
  • 8
0
votes
1 answer

Connecting to a server inside a DMZ

in this scenario [ net2 / 10.0.1.1 ] ---- [ net1 / 10.0.0.1 ] --- ( Internet ) | | < pc2 > < pc1 > if i set pc2 inside a DMZ would it be able to…
norwat
  • 1
  • 1
0
votes
1 answer

Exsposing owa to internet but not via DMZ?

I need to give internet access to my test Exchange 2003 milieu via owa, which is on my internal network (10-network) which is a milieu whith 5 virtual machines on hyper-V! How do I do that when using DMZ is NOT an option? Thanks a lot in…
Finn Christensen
  • 33
  • 1
  • 5
0
votes
1 answer

Combine two NIC's into one preserving routing (DMZ server / Windows or Linux)

We have a DMZ server with two NIC's, one is accessed from the Internet (public IP) and one from behind the internal firewall (private IP). One application has problems to cope with a 2 IP's / 2 NIC's configuration, it only supports 2 IP's on 1…
Paula G.
  • 1
0
votes
1 answer

DNS (Bind9) Behind Firewall

Im running ubuntu 10.04 and Bind9 behind a firewall. I have forwarded Ports 53 (UDP/TCP) to the local server (192.168.0.4). The DNS system seems to be hit-and-miss when the firewall is enabled, however when I assign the server as the default DMZ…
Brad Morris
  • 241
  • 2
  • 12
0
votes
2 answers

Name Resolution in a DMZ

We're building a new set of web servers to be located in a DMZ, but we want them to be able to use our internal mail server. The mail server has a CNAME of smtp.uk.ourdomain.com - our existing servers have an entry for this in their hosts file.…
PhilPursglove
  • 442
  • 2
  • 7
  • 17
0
votes
2 answers

Port Forwarding failing only to Ubuntu servers from Draytek router

I know this is a kinda unusal question, but Draytek support (..which is very eager to solve the issue) seems to reach its limits. Scenario: Draytek Vigor Multiwan router with current firmware. Multiple WAN IP Aliases on one of the wan ports DMZ (or…
Rufinus
  • 191
  • 2
  • 9
1 2 3
13 14