DMZ - LAN - VLAN - Servers need to communicate!
Posted on 2004-10-07
Hi, I have to find a fast fix for the below, so I appreciate anyone's help or advice -
Current scenario -
1 x SonicWALL TZ170 Enhanced OS
1 x LAN (192.*.*.*)
1 x DMZ (10.*.*.*)
1 x 10MB LAN extension (connects 2 offices with a private circuit)
I have 2 web servers in the DMZ and 1 web server outside the DMZ. All 3 servers are on a 10.10.10.* address and a 255.255.255.0 subnet. Obviously the DMZ servers have a different gateway than the one on the LAN -
The 2 servers inside the DMZ can ping each other & are pingable from LAN XP clients. The server on the LAN with a 10.10.10.* address is unpingable from anywhere, which is causing me great problems.
Physical locations restrict me from adding the 3rd server to the DMZ, so I temporarily added it to the LAN domain as above to test, with no joy. I could simply give the 3rd server a LAN address (192.168.45.*) and create a rule to allow the servers in the DMZ to talk to the server on the LAN, but I feel security may be compromised if I do this...
FYI - the firewall/DMZ/DMZ servers are on one end of a LAN extension circuit, whilst the single server is on the other, hence the reason I cannot add it to the DMZ.
Could I create a VLAN on the LAN switch as follows?
Port 20 Port 20
Server1>>>>Lan Switch<----------VLAN------------->Lan Switch<--------->DMZ<--------->Server2
1 - at the Server1 end, I patch the server to port 20 (enable VLAN)
2 - at the Server 3 end, I patch port 20 (enable VLAN) into the DMZ switch
Am I going mental, or would this work?