I have a Netscreen 5gt (not 5gt plus).
I have 2 servers: 1 webserver and 1 SQL server.
I want to put the webserver in a DMZ with a network address in 192.168.1.0/24.
I want to put the SQL server in another Trusted Zone with a network address in 10.10.10.0/24 with the rest of my LAN.
The webserver needs to be able to talk to the SQL server to retrieve SQL data.
How do I do that?
Can I take 2 ports and bind them to 1 virtual Interface? (like port 1-2 = DMZ 10.10.10.0/24 and port 3-4 = LAN = 10.10.20.0/24)
I've tried the Work/Home Zone setup but you can't create or edit the 'From Home To Work' policy to allow any type of communication from the 'Home' zone to the 'Work' zone. When I try to add or clone that policy and use the 'permit' setting it just throws an error saying that it can't understand.
Can I just set the firewall up as 'Trust/Untrust' and then create zones using the Trust ports to create a DMZ somehow?
Would that be any different or less secure than the 'Work/Home' zone setup? (is there any filtering going on in the home/work port mode that wouldn't be going on if I created my own zones somehow?)