Proper ISP Hardware Configuration?

Discussion in 'HOWTO-Related Questions' started by jims2321, Nov 11, 2005.

  1. jims2321

    jims2321 New Member

    This will sound stupid... But what are most members using as their firewall/router for their ISP setup? I have (and maybe I have just overlooked it) seen only setups involving the web/ftp/dns but there are no setups describing the proper hardware/network configuration for a DMZ setup. Correct me if I am wrong, but anybody who allows an ISP or other party to control their firewall is asking for trouble.

    I am looking at using ISPconfig, on a new server that I have, but it and the mail, ftp, www server will sit in a DMZ zone, and the internal network will also be behind the firewall. Anybody else doing something similar?

    Jim
     
  2. Mahir

    Mahir New Member

    Wel u can disable the ispfirewall and just use ur own one as long as u open all the ports that are needed i am making currently 2 servers 1 with use of ispconfig and one for a company that has a hardware firewall and i have totally no problems.

    And about dmz zone i run ispconfig at a home server for testing and that is in a dmz zone this is also noproblem.
     
  3. ggere

    ggere New Member

    We currently use a Cisco PIX firewall device for our firewall and NAT router, although pretty much any firewall device will suffice including another server acting as a firewall. We then block all ports by default and then "punch holes" through for services like ftp, web, email, with NAT redirects to the correct internal IP of the corresponding server.

    I think this would be considered a safer setup than putting the servers in a DMZ zone as the entire range of ports on the server are open to potential attacks.

    Code:
    ((Internet)) --> [Firewall/Router] <-- Port 21/ftp ---> [FTP Server]
                                     ^---- Port 80/http --> [Web Server]
    
     

Share This Page