Author:
Per Stenebo
Created:
2011-10-06 09:44:51
Modified:
2017-04-16 12:58:57
Example of a DMZ with a two-firewall configuration.
The idea of a DMZ (demilitarized zone) is to make public services, such as a web server, available to the internet (WAN) while still keeping a high level of protection for your internal network (LAN).
Wikipedia article about DMZ.
Physical components, basic configuration.
Virtual components inside host computer, basic configuration.
Settings
- Securing the host Ethernet adapter
  - Dedicate a physical network adapter on the WAN side of the host for the connection to VMnet2.
  - Linux: Set the WAN physical network adapter to an IP address of 0.0.0.0.
  - Windows: Remove all network protocols except the VMware Bridge Protocol from the dedicated physical network adapter.
- VMware network configuration
  - Bridge VMnet0 to the LAN Ethernet adapter in the host.
  - Bridge VMnet2 to the dedicated WAN Ethernet adapter in the host.
Public services such as a web or FTP server can either be located inside the DMZ firewall VM, or be located in a separate VM inside the DMZ, connected to VMnet3.
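The Linux step under "Securing the host Ethernet adapter" only clears the IPv4 address; with IPv6 enabled, an interface that is up normally still gets a link-local address, so the host can remain reachable on the WAN segment. The following check is an added example, not part of the original page: it assumes the iproute2 `ip` tool and a WAN adapter named `eth1` (an assumed name), and the sample output in it is constructed.

```shell
#!/bin/sh
# Added example: confirm the host has no IP presence on the dedicated WAN adapter.
# WAN_IF is an assumed name; use the adapter that is bridged to VMnet2.
WAN_IF="${WAN_IF:-eth1}"

# Read `ip -o addr show` text on stdin and print "family address/prefix"
# for every IPv4/IPv6 address bound to interface $1.
bound_addrs() {
    awk -v ifc="$1" '$2 == ifc && ($3 == "inet" || $3 == "inet6") { print $3, $4 }'
}

# Exit status 0 when interface $1 carries no address at all, 1 otherwise.
wan_is_unbound() {
    found=$(bound_addrs "$1")
    if [ -n "$found" ]; then
        printf 'host still has addresses on %s:\n%s\n' "$1" "$found" >&2
        return 1
    fi
    return 0
}

# Constructed sample of `ip -o addr show` output: eth0 is the LAN adapter,
# eth1 the WAN adapter after its IPv4 address was set to 0.0.0.0.
sample_ip_output() {
    cat <<'EOF'
1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever preferred_lft forever
2: eth0    inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0\       valid_lft forever preferred_lft forever
3: eth1    inet6 fe80::a00:27ff:fe4e:66a1/64 scope link \       valid_lft forever preferred_lft forever
EOF
}

# Run against the live host with:  sh check_wan.sh --live
if [ "${1:-}" = "--live" ]; then
    ip -o addr show | wan_is_unbound "$WAN_IF" && echo "$WAN_IF: no host addresses"
fi
```

If the check reports an `inet6` address, IPv6 can be turned off for that adapter with the `net.ipv6.conf.<interface>.disable_ipv6` sysctl.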