Author:
Per Stenebo
Created:
2011-10-06 09:44:51
Modified:
2017-04-16 12:58:57
en

Example of an DMZ, two firewall config.

The idea of an DMZ (Demilitarized zone) is to have public services available to internet (WAN), like a web server, and still have a high level of protection for your internal network (LAN).

Wikipedia article about DMZ.

Physical components, basic configuration.

phys1

Virtual components inside host computer, basic configuration.

dmz (23K)

Settings

    Securing host ethernet adapter
  • Dedicate a physical network adapter on WAN side in host, for connection to VMnet2.
  • Linux: Set WAN physical network adapter to IP an address of 0.0.0.0
  • Windows: Remove all network protocols, except VMware Bridge protocol, from the dedicated physical network adapter.
    VMware network configuration
  • Bridge VMnet0 to LAN ehernet adapter in host.
  • Bridge VMnet2 to dedicated WAN ethernet adapter in host.

Public services like web- or FTP-server could be located inside DMZ firewall-VM
or
Being located in separate VM, inside DMZ, connected to VMnet3.

Comments to page DMZ Network