Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.
Course Of The Month
1 day, 17 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Public Firewall
Posted on 2011-03-05
We recently implemented Paralells, plesk. You cannot NAT Plesk containers. All containers are public IP's. The class C public IPs sit on the colo's router and then this plugs into my switch using a cat5 cable the colo facility provides. The servers are plugged into the switch too, all having public IP's. I can certainly put a firewall in place and change the gateway on the NIC's on the servers and have the outbound traffic pass thourgh the firewall. The QUESTION is about inbound traffic, how can you have the firewall filter inbound traffic, when it is all public IP broadcast traffic?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
1 Comment
Active 2 days ago
You would need to implement a firewall that works in bridge mode and not as filtering router. In bridge mode they are "transparent" at layer 3 so there is no IP routing or NAT'ing avalaible, but you can still filter traffic.
I have not read it in detail, but I did find how to implment a bridging firewall in Linux using netables.
http://www.spenneberg.com/talks/linux-kongress2002/ralf-spenneberg.bridgewall.pdf
I'm not sure what commercial firewalls will work in bridge mode. I know PIX (now ASA) from Cisco does and I am sure some of the other big names (like Juniper and Checkpoint) do also.
I have not read it in detail, but I did find how to implment a bridging firewall in Linux using netables.
http://www.spenneberg.com/talks/linux-kongress2002/ralf-spenneberg.bridgewall.pdf
I'm not sure what commercial firewalls will work in bridge mode. I know PIX (now ASA) from Cisco does and I am sure some of the other big names (like Juniper and Checkpoint) do also.
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
A customer recently asked me about anti-malware and the different deployment options available for his business. Daily news about cyberattacks, zero-day vulnerabilities, and companies that suffered a security breach made him wonder if the endpoint …
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses
Course of the Month1 day, 17 hours left to enroll
717 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.