I'm having a problem understanding the DMZ concept. Perhaps someone could help me.
I currently have 3 public servers in our system with public IP addresses of 12.3x.4x.101, 12.3x.4x.102, and 12.3x.4x.103 and I would like to setup ASL and move them to the DMZ. I would also like to use private addresses for them from the same range as we'll be using for our computers on the internal interface to resolve a problem we're having with an application running on one of the servers.
What I'm getting confused about is how traffic coming from the internet is directed to each particular server once it's given a private IP. When I create and configure the private IP address of each server what addresses do I give out to the public to reach these servers?
So, I configure the private IP of our database server to 192.168.0.101 and call it "database" and choose "host", create a DNAT rule for the server under NAT/masquerading, and create a packet filter rule and turn the rule on. Where do I set the public address for users on the internet to browse to that ASL directs to 192.168.0.100 and which allows me to get requests directed to the proper server?
Thanks,
Ellis
This thread was automatically locked due to age.
