General discussion

Locked

Internal addresses with a web server

By jasonschambers ·
I have just got my company off of static ip addresses and switched to internal with DHCP. I am now trying to keep my web and mail server secure by not putting them out on the internet with a class c static ip address. I am running my dhcp through mysonicwall firewall. Any ideas on how to keep my web and mail servers safe on the internet?

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Internal addresses with a web server

by LiQuiDKeWL In reply to Internal addresses with a ...

Setup the firewall to not accept any incoming packets from external address besides the ones you currently have in place internally. (This is the standard logic for all firewalls). Once you have that in place you should be pretty well secure.

Cheers ....

Collapse -

Internal addresses with a web server

by jasonschambers In reply to Internal addresses with a ...

The question was auto-closed by TechRepublic

Collapse -

Internal addresses with a web server

by Stillatit In reply to Internal addresses with a ...

If your web server needs to be accessable from the internet, it will need a real address on the internet. The same goes for your mail server. The mechanism for doing this, and still having the boxes behind the firewall vary. Here are a couple of choices:

Note, by the way, your servers should have static addresses, even if behind a NAT router. Select a small range of addresses at the beginning or end of your DHCP scope. Exclude these addresses from the DHCP scope. From this pool of addresses,assign static addresses to all of your servers.

Choice 1: Use the port forwarding feature of the router or firewall. Publish the firewall address as the web server address and as your mail server address. Set the firewall to forward packets coming to port 25 to the REAL (internal) address of the mail server. Set the firewall to forward packets coming to port 80 to the REAL (internal) address of the web server.

Choice 2. Give the servers real, routable addresses behind the firewall (you may have to get these addresses from your ISP). Set the firewall to filter out all trafic to those servers except the exact protocols and ports that they should get.

Good luck.

Collapse -

Internal addresses with a web server

by jasonschambers In reply to Internal addresses with a ...

The question was auto-closed by TechRepublic

Collapse -

Internal addresses with a web server

by jasonschambers In reply to Internal addresses with a ...

This question was auto closed due to inactivity

Back to Networks Forum
5 total posts (Page 1 of 1)  

Related Discussions

Related Forums