DMZ arranging problems

We're using ASL 4.0 with 4 NICs.
The arrangement is 2 LANs and 1 DMZ. In the DMZ we have a mail server serving SMTP
and a web server serving HTTP.
The IP of the web server in the DMZ is 194.25.157.86.
The IP of the mail server in the DMZ is 194.25.157.75.
The LANs (192.168.0.x / 192.168.1.x) are called interactive and classic and use a NIC each.

The following rules of packet filters are set:

Code:

Blackbit_Interactive_Network  Any  Any  Allow
Blackbit_Classic_Network  Any  Any  Allow
Blackbit_DMZ_Network  DNS   Any  Allow
Any  DNS  Blackbit_DMZ_Network  Allow
Blackbit_DMZ_Network  SMTP  Any  Allow
Any  SMTP  Blackbit_DMZ_Network  Allow
Any  HTTP  Blackbit_DMZ_Network  Allow
go-Demo  IDENT  Any  Allow
go-Demo  DNS  Blackbit_DMZ_Network  Allow



There are several problems occurring:

  •  The servers in the DMZ are not reached from outside.
  •  We have an unknown IP-Spoofing: 
    10:19:12 192.168.0.8 138  ->  255.255.255.255  138  UDP  IP SPOOFING SRC HW ff:ff:ff:ff:ff:ff:00/DST HW 01:af:00:9f:e4:08:00 


Thanks in advance for your help.


  • First off, I commonly see the IP SPOOFING message, and I really ignore it (for the most part as I believe they are false positives).

    As for your second issue, you will need to provide additional info, i.e., are you doing port forwarding or is the DMZ a routed segment? Basically, please provide additional IP info for the DMZ portion.