User Tools

Site Tools


docs:guide-user:firewall:fw3_configurations:fw3_dmz

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
docs:guide-user:firewall:fw3_configurations:fw3_dmz [2018/09/16 12:48]
bobafetthotmail ↷ Page moved from inbox:firewall:fw3_configurations:fw3_dmz to docs:guide-user:firewall:fw3_configurations:fw3_dmz
docs:guide-user:firewall:fw3_configurations:fw3_dmz [2018/09/16 12:49] (current)
bobafetthotmail ↷ Links adapted because of a move operation
Line 32: Line 32:
 It is possible to set up firewall rules based simply on the IP addresses It is possible to set up firewall rules based simply on the IP addresses
 of the public servers ​ of the public servers ​
-(see [[inbox:​firewall:​fw3_configurations:​fw3_nat#​lan-side_public_server|NAT for LAN-side Public Server]]),+(see [[docs:​guide-user:​firewall:​fw3_configurations:​fw3_nat#​lan-side_public_server|NAT for LAN-side Public Server]]),
 but this is not the most secure topology. ​ If an attack exploits a POV but this is not the most secure topology. ​ If an attack exploits a POV
 and gains access to the public server all stations behind the firewall and gains access to the public server all stations behind the firewall
Line 51: Line 51:
  
 This example is based on, and tested against, the This example is based on, and tested against, the
-[[inbox:​firewall:​fw3_configurations:​fw3_ref_topo|Reference Network Topology]].+[[docs:​guide-user:​firewall:​fw3_configurations:​fw3_ref_topo|Reference Network Topology]].
 The ''​STA-server''​ station is a public webserver accessible from the internet. The ''​STA-server''​ station is a public webserver accessible from the internet.
  
Line 169: Line 169:
 Now the most important thing, the reason why you split up you network: the Now the most important thing, the reason why you split up you network: the
 firewall rules. ​ A typical DMZ can be fully provisioned using the firewall rules. ​ A typical DMZ can be fully provisioned using the
-[[inbox:​firewall:​overview|fw3 application]]+[[docs:​guide-user:​firewall:​overview|fw3 application]]
  
 Each VLAN **should** be a unique firewall zone.  So create one for the DMZ. Each VLAN **should** be a unique firewall zone.  So create one for the DMZ.
docs/guide-user/firewall/fw3_configurations/fw3_dmz.1537102139.txt.gz · Last modified: 2018/09/16 12:48 by bobafetthotmail