[Title should be: "Setup servers behind firewall"] I'm playing around with some servers (www, mail, db & dns) to simulate an ISP setup (so I could host my own domain for experimental purposes). The current situation: all servers are hosted in a datacenter. An uplink connected to a switch, all servers connected to that switch. All servers got a fixed IP (e.g. xx.yy.zz.1 - xx.yy.zz.4). This means that all the servers are just connected to the internet without any protection (except for local FW & AV). I would like to come to the following situation: An uplink connected to a FW "server" (e.g. IPCOP), this FW connected to the switch with all other servers connected to it too. Do I need to install all the servers in an "Orange/DMZ" zone, because I want them to keep their fixed IP? Or do I create a "Green/LAN" zone and use port forwarding etc? Kind regards, lx
You can use port forwarding only if you run different services on each server because you can forward a port to only one machine. If you run a web server on two machines, then you can forward port 80 to only one, for example.
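
The constraint described in the answer above, as an added example that is not part of the original posts: a check that takes a list of services per server and reports which ports can be forwarded and which are claimed by more than one machine. It assumes a single public address on the firewall; the host names, private addresses and service lists are constructed for illustration.

```python
from collections import defaultdict

# Constructed inventory (host names, private addresses and services are
# assumptions): what each internal server must expose to the internet.
INVENTORY = {
    "www":  ("192.168.1.10", [("tcp", 80), ("tcp", 443)]),
    "mail": ("192.168.1.11", [("tcp", 25), ("tcp", 80)]),   # SMTP plus webmail
    "db":   ("192.168.1.12", []),                            # nothing exposed
    "dns":  ("192.168.1.13", [("udp", 53), ("tcp", 53)]),
}


def plan_forwards(inventory):
    """Split requested services into a usable forward table and conflicts.

    With one public address, a (protocol, port) pair can be forwarded to
    exactly one internal host, so any pair claimed by two hosts is a conflict.
    """
    claims = defaultdict(list)
    for host, (_addr, services) in inventory.items():
        for proto, port in services:
            if proto not in ("tcp", "udp") or not 1 <= port <= 65535:
                raise ValueError(f"bad service {proto}/{port} on {host}")
            claims[(proto, port)].append(host)

    forwards, conflicts = {}, {}
    for key, hosts in sorted(claims.items()):
        if len(hosts) == 1:
            # Unambiguous: this public port maps to one private address.
            forwards[key] = inventory[hosts[0]][0]
        else:
            # Two or more servers want the same public port.
            conflicts[key] = sorted(hosts)
    return forwards, conflicts


if __name__ == "__main__":
    forwards, conflicts = plan_forwards(INVENTORY)
    for (proto, port), addr in forwards.items():
        print(f"forward {proto}/{port} -> {addr}")
    for (proto, port), hosts in conflicts.items():
        print(f"CONFLICT {proto}/{port} wanted by {', '.join(hosts)}")
```

An empty conflict table means every exposed service can sit behind port forwarding on one address; any entry in it is a service that cannot.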