Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 220
  • Last Modified:

Firewall

Hi,

My company uses eSoft Instagate EX2, we purchased DMZ component, and put web server in dmz, we need to transfer a lot of files from our file server (inside firewall) to DMZ so our users can reach them. What have been happening is that connection keeps dropping, I called the support, guess what, they could not solve the problem...........at the point that connection dropped, based on the log, they claimed everything is fine, just that file copying stooped, did not show any sign of dropping......

I have tried to move the server back in the firewall so that are on the same sub net, I used the same cable to transfer data, everything is fine, but once I move it to the DMZ, they are on different sub net, connection dropping happens again..

Do EEs have this kind of problem before?  thx
0
mcrmg
Asked:
mcrmg
  • 2
  • 2
2 Solutions
 
rsivanandanCommented:
I haven't worked on this product but let me tell you the basic way of how these things allow traffic. Your internal network is considered to be the safest while DMZ is kinda 'okay' and external world being unsafe. You might need to allow traffic 'both incoming and outgoing' from inside to dmz and only then it will work. Check the rules and make sure you can do that.

Cheers,
Rajesh
0
 
mcrmgAuthor Commented:
Hmm........right now, I only allow one way traffic which is from inside to DMZ because I need to move files over to DMZ, but if I enable two way traffic, does it mean that DMZ is useless now, right?  thx
0
 
rsivanandanCommented:
Not necessarily, depending on the scenario. Ideally you would be restricting access to DMZ only to the needed application/port combinations. So take a quick look at them once again, the rules. Also can you describe about what kind of file transfer etc?

Cheers,
Rajesh
0
 
Keith AlabasterEnterprise ArchitectCommented:
No, because you will dictate the source and destination addresses (within internal and DMZ) that are acceptable to pass traffic plus the types of traffic that can pass. Rajesh has it spot on.
0
 
Keith AlabasterEnterprise ArchitectCommented:
Thanks :)
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now