Proxy
If you have a network like so:
FW (interface with ISP ip and int with 10.1.140.1/does routing) -- L2 SWITCH (outside switch - ip 10.1.140.0/24)
I need to plug in another device to the outside switch with a public ip on the outside internface and then the other interface of the device needs to be setup with an inside ip. Would the outside interface of the device be plugged into the firewall and the inside to the outside switch?
FW (interface with ISP ip and int with 10.1.140.1/does routing) -- L2 SWITCH (outside switch - ip 10.1.140.0/24)
I need to plug in another device to the outside switch with a public ip on the outside internface and then the other interface of the device needs to be setup with an inside ip. Would the outside interface of the device be plugged into the firewall and the inside to the outside switch?
I didn't understand your question..can you explain a little further?
ASKER
Sure, I basically am trying to plug in a network device I am using as a proxy. The issue is at the core I have a firewall and then a layer 2 switch going to the outside. The proxy has one interface with a public ip that routes directely outbound And then an inside interface that goes to the inside network.
I think I will need to plug in 1 interface to the switch and then the other one to the firewall to route outbound?
I think I will need to plug in 1 interface to the switch and then the other one to the firewall to route outbound?
Idealy your proxy should be in a DMZ network, behind the firewall. The proxy can have an internal IP, say 10.2.140.2 and should be connected to the an interface of the firewall. The Proxy IP 10.2.140.2 can be nat-ed to the current public IP for outbound and maybe for inbound conections. Users will point their browsers to the private ip of 102.140.2 for proxy.
See the attached digram for more info.
Hope this helps.
Drawing1.jpg
See the attached digram for more info.
Hope this helps.
Drawing1.jpg
ASKER
Nice diagram - thanks! So it looks like it is plugging into the firewall for the outside interface and you say to nat? Then plugging into the switch in the dmz for the internal interface?
ASKER
Also, if one interface on the proxy has a public ip directly assigned to it and the other interface has an internal ip, the interface with the public ip plugs into the firewall?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok, so plug the int with the public ip into the firewall and the other interface into the dmz?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.