troubleshooting Question

DMZ Question

Avatar of stamperb
stamperb asked on
Hardware Firewalls
1 Comment1 Solution317 ViewsLast Modified:
In most of the networks I've worked with things have been small.  So either there has been no DMZ or a very small one.  In all of them all of the services were NAT'd to from External (public) IP's that lived on the firewall.  So a web server would have an external IP on the firewall that simply had a port forward to its internal (private) ip.  What i'm curious about is how in a large network does the DMZ work.  If you have 30 web server 10 mail servers.  Each of them needs to be placed in the DMZ?  Is everything still NAT'd with ports forwarded thru to the servers?  Or do the servers all get their own public IP?  And if they do how do you get the trafic routed so it gets to the servers?  I mean a ds-3 (or other line) comes in from the internet with a full public class C.  It hits the firewall but how then does it get to the servers unless the firewall has all the IP's on its external side.  I hope this makes since.

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 1 Comment.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 1 Comment.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros