Ima Bum
asked on
Sonicwall TZ190 Enhanced OS
I have a TZ190 and need to create a DMZ for a Web Server. The web server needs to be able to communicate with a server inside my network. i the 172.16.60.x network. This is my fist time creating a DMZ so I'm learning, and of course, only have two days to get this done.
Right now my network looks like this:
Comcast bridge connects to the TZ190 WAN port which has a Public IP Address.
The LAN port on the TZ190 has an IP address of 172.16.60.1
Can I create a DMZ using the OPT port on the TZ190, lets call that subnet 192.168.1.xand stick the WebServer in the DMZ with only one NIC or should I have NIC's in the server? The server will require a NAT'd address for it's public interface, but just to recap, it also needs to get into my 172.16.60.x network.
If I need to split this up into multiple questions no problem.
Thanks,
RP
Right now my network looks like this:
Comcast bridge connects to the TZ190 WAN port which has a Public IP Address.
The LAN port on the TZ190 has an IP address of 172.16.60.1
Can I create a DMZ using the OPT port on the TZ190, lets call that subnet 192.168.1.xand stick the WebServer in the DMZ with only one NIC or should I have NIC's in the server? The server will require a NAT'd address for it's public interface, but just to recap, it also needs to get into my 172.16.60.x network.
If I need to split this up into multiple questions no problem.
Thanks,
RP
Just curious, why are you putting the web server in a dmz? Why not put the web server on your internal network and just open up port 80 and / or 443?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the responses.
I am required to stick the server in the DMZ per our company security policy and only open up (as was stated by bcdudley) ports 80 & 443.
Thanks for the confirmation Bwaring. I'm going to take a stab at this and see how it goes.
I am required to stick the server in the DMZ per our company security policy and only open up (as was stated by bcdudley) ports 80 & 443.
Thanks for the confirmation Bwaring. I'm going to take a stab at this and see how it goes.