Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > HOWTO-Related Questions

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 11th November 2005, 18:49
jims2321 jims2321 is offline
Junior Member
 
Join Date: Nov 2005
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default Proper ISP Hardware Configuration?

This will sound stupid... But what are most members using as their firewall/router for their ISP setup? I have (and maybe I have just overlooked it) seen only setups involving the web/ftp/dns but there are no setups describing the proper hardware/network configuration for a DMZ setup. Correct me if I am wrong, but anybody who allows an ISP or other party to control their firewall is asking for trouble.

I am looking at using ISPconfig, on a new server that I have, but it and the mail, ftp, www server will sit in a DMZ zone, and the internal network will also be behind the firewall. Anybody else doing something similar?

Jim
Reply With Quote
Sponsored Links
  #2  
Old 11th November 2005, 19:51
Mahir Mahir is offline
Member
 
Join Date: Oct 2005
Location: The Netherlands, Apeldoorn
Posts: 40
Thanks: 0
Thanked 1 Time in 1 Post
Send a message via MSN to Mahir Send a message via Yahoo to Mahir
Default

Wel u can disable the ispfirewall and just use ur own one as long as u open all the ports that are needed i am making currently 2 servers 1 with use of ispconfig and one for a company that has a hardware firewall and i have totally no problems.

And about dmz zone i run ispconfig at a home server for testing and that is in a dmz zone this is also noproblem.
Reply With Quote
  #3  
Old 11th November 2005, 19:54
ggere ggere is offline
Junior Member
 
Join Date: Nov 2005
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

We currently use a Cisco PIX firewall device for our firewall and NAT router, although pretty much any firewall device will suffice including another server acting as a firewall. We then block all ports by default and then "punch holes" through for services like ftp, web, email, with NAT redirects to the correct internal IP of the corresponding server.

I think this would be considered a safer setup than putting the servers in a DMZ zone as the entire range of ports on the server are open to potential attacks.

Code:
((Internet)) --> [Firewall/Router] <-- Port 21/ftp ---> [FTP Server]
                                 ^---- Port 80/http --> [Web Server]
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Loading configuration file lance Kernel Questions 2 28th February 2007 20:40
PHP/MySQL/Apache2/ISPConfig configuration issues? senzapaura General 21 25th December 2005 14:01
ISPConfig pop3 problem mphayesuk General 21 31st October 2005 10:53
how to hardware analisys? matehortua Server Operation 4 15th October 2005 19:01
fetchmail configuration lola Installation/Configuration 1 11th May 2005 10:57


All times are GMT +2. The time now is 06:48.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.