Example of an DMZ, two firewall config.

The idea of an DMZ (Demilitarized zone) is to have public services available to internet (WAN), like a web server, and still have a high level of protection for your internal network (LAN).

Physical components, basic configuration.


Virtual components inside host computer, basic configuration.

    Securing host ethernet adapter
  • Dedicate a physical network adapter on WAN side in host, for connection to VMnet2.
  • Linux: Set WAN physical network adapter to IP an address of
  • Windows: Remove all network protocols, except VMware Bridge protocol, from the dedicated physical network adapter.
    VMware network configuration
  • Bridge VMnet0 to LAN ehernet adapter in host.
  • Bridge VMnet2 to dedicated WAN ethernet adapter in host.

Public services like web- or FTP-server could be located inside DMZ firewall-VM
Being located in separate VM, inside DMZ, connected to VMnet3.

