The real question would be why would installing a new application require a
change in the LAN Topology involving a firewall device? That makes no
sense... Applications are supposed to be oblivious to the underlying
Topology.
Yes, introducing a firewall changes the LAN Topology unless it is replacing
an already existing device.
--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
"Phil" <(E-Mail Removed)> wrote in message
news:u%(E-Mail Removed)...
> I have an existing server (2003 Standard) hosting several sites, with all
> the bells and whistles. I have a new application I want to add which
> requires the addition of a firewall appliance (I'm looking at Cisco 506 but
> that shouldn't matter). I need this both for the VPN Tunnels & for security
> issues.
>
> I have approx 24 IPs running on this machine, with about 20 of them used for
> different sites. I don't think I can assign this many IPs to a DMZ (Can
> I?). So, I'm trying to come up with some other solution.
>
> What I'm thinking of doing is just adding a new ethernet connection
> (actually just using the spare I have) connected to the firewall, giving the
> firewall one of the unused IP addresses. Thus, I will have two subnets, my
> existing IP allotment (minus the 1), and the 192.168.xxx.xxx that I get
> from the Firewall. I plan to have SQL Server 2005 instances running on the
> IP addresses in the 192.168.xxx.xxx block.
>
> I know this way is essentially stupid, but my client won't spring for a new
> server, so I'm trying to make something work. This will give me my VPN
> tunnels, so that is half the problem. My question is, does this provide me
> any additional security at all? Is there any way to have the server
> partitioned so that some of it is highly secure while some of it remains
> essentially a DMZ?