Security

General discussion

Gravatar
Locked

Firewall Configuration help needed

By Whatme? ·
I would like to set up a hardware firewall, specifically a SonicWall 100 with a DMZ. My existing configuration may make this difficult though. Does anyone have any recommendations as to how I can accomplish this?
I have 5 separate physical sites, each with a DC w/DHCP,DNS and global catalogue. All sites including the routers are private addressing and routed to only one site with an IP gateway. I have a limited number of valid IP addresses to use for my DMZ. Now physically, I only have one circuit coming into each site. At site 5 (my Gateway) I still only have one circuit coming into the building.
Addressing as follows:
Site 1. router:LAN 172.20.140.254 into my DC: 172.20.140.1
Site 2. router: LAN 172.21.140.254 into my DC: 172.21.140.1
Site 3. router:LAN 172.22.140.254 into my DC: 172.22.140.1
Site 4. router:LAN 172.24.140.254 into my DC: 172.24.140.1
Site 5. router:LAN 172.23.140.254 into my DC: 172.23.140.1
WAN 2xx.xxx.xxx.xxx ? 2xx.xxx.xxx.xxx
Site 5s circuit only comes in on one Ethernet circuit so I don?t know how to configure my router to the sonicwall without adding another complete circuit for the firewall.
Does this make any sense? HELP
email me for more info if needed. mervt@polarnet.ca

This conversation is currently closed to new comments.

2 total posts (Page 1 of 1)  
Thread display: Collapse - | Expand +

All Comments

gravatar
Collapse -

Gateway router

by Milstar In reply to Firewall Configuration he ...

Let me see now, you have say a 4 port router with one WAN connection. Is it not possible that the settings should be all links are the same IP however all have separate submasked addresses.
(172.20.140.254 assigned subnet address 172.20.140.1 , then next would be the 172.20.140.2 , ect?)
I use NAT firewall, that is Network automatic translation where the gateway configures the sub gateway mask itself.
If, you have much a problem install software firewall on the individual LANed computers andthe primary computer to which the gateway was set-up Cloan the MAC: address to the gateway router.

gravatar
Collapse -

single ports on routers

by Whatme? In reply to Gateway router

Just a single port on each router. Each router is at an individual site. That is my problem. the other 4 sites are routed to the 5th site which then uses the same incoming circuit to route out to the internet. I am trying to avoid buying a complete separate wan ip gateway circuit.

Back to Security Forum
2 total posts (Page 1 of 1)  

Start or search

Related Discussions

Related Forums