Link to home
Start Free TrialLog in
Avatar of junioradmin55
junioradmin55

asked on

first frontend backend firewall setup

I want to set up a frontend backend firewall setup for our company . The frontend firewall will be a sonicwall pro 2040 and the backend will be isa server 2000. I have the 2040 in place running as a frontend. I than put isa server behind it but when I enter the isa servers ip address in as my proxy I can't get to the internet. Is there something that I must do on the frontend firewall for sonicwall pro 2040  to be able to gain internet access and proxy it to the internal lan clients. Also let me tell you the physical setup I have the dsl connected to a switch the external interface of the sonicwall pro 2040  and the isa server is also connected to that switch. The isa box is using the external interface is using the ip address of astaro's internal interface as its gateway.
ASKER CERTIFIED SOLUTION
Avatar of Nemesis-Services
Nemesis-Services
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of junioradmin55
junioradmin55

ASKER

Thanks for the reply actually I just stared this job and I'm new to the entire dmz concept. Most dmz's I've set up in the past have been using 3 interfaces on a single firewall. I think I'm going to test this on my home lan before I implement it at work.So I would like to setup a test lab at home to practice setting up a a dmz. At home I have the following products isa server 2000 and 2004 astaro version 5 and also a netgear fvs318 router. I'm trying to decide if I should use the netgear on the frontend and isa 2004 on the backend or if I should use astaro on the front and isa server 2004 on the back. My internal lan will be 192.168.15 the wan will be my cable modem and the dmz will be 192.168.45. I would like to ask you about interface setup what default gaewats will i use for the setup.
Avatar of Nemesis-Services
Nemesis-Services
TheLearnedOne,

I believe I have answered junioradmin55 original question, which was 'to be able to gain internet access and proxy it to the internal lan clients'

Nemesis-Services
Avatar of Nemesis-Services
Nemesis-Services
thanks modulo