Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Public Firewall

Posted on 2011-03-05
1
Medium Priority
?
361 Views
Last Modified: 2012-05-11
We recently implemented Paralells, plesk.  You cannot NAT Plesk containers.  All containers are public IP's.  The class C public IPs sit on the colo's router and then this plugs into my switch using a cat5 cable the colo facility provides.  The servers are plugged into the switch too, all having public IP's.  I can certainly put a firewall in place and change the gateway on the NIC's on the servers and have the outbound traffic pass thourgh the firewall.  The QUESTION is about inbound traffic, how can you have the firewall filter inbound traffic, when it is all public IP broadcast traffic?
0
Comment
Question by:centuric
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 57

Accepted Solution

by:
giltjr earned 2000 total points
ID: 35044301
You would need to implement a firewall that works in bridge mode and not as filtering router.  In bridge mode they are "transparent" at layer 3 so there is no IP routing or NAT'ing avalaible, but you can still filter traffic.

I have not read it in detail, but I did find how to implment a bridging firewall in Linux using netables.

     http://www.spenneberg.com/talks/linux-kongress2002/ralf-spenneberg.bridgewall.pdf

I'm not sure what commercial firewalls will work in bridge mode.  I know PIX (now ASA) from Cisco does and I am sure some of the other big names (like Juniper and Checkpoint) do also.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
As managed cloud service providers, we often get asked to intervene when cloud deployments go awry. Attracted by apparent ease-of-use, flexibility and low computing costs, companies quickly adopt leading public cloud platforms such as Amazon Web Ser…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question