| Home | Register | Members | Search | Links |
 |
| Thread Tools | Display Modes |
|
Guest
Posts: n/a
|
Howdy,
I am setting up an application that requires a webserver to be available to the internet at large, and an internal network with the Oracle database on it that needs to be protected from the internet at large...  I have two dedicated Class C IPs, and two router/firewall boxes I can use. I also have 2 server 2003 boxes, one running tomcat as the webserver with 2 nic cards and the other running Oracle as the database server... One of the Class-C IPs is assigned to a router/firewall box and provides nat/dhcp and internet access to nodes on the internal network. The database server needs to sit behind the firewall for users of the internal network to access it, but also be available to the webserver for application data requests.. What I would like to have is the database server be on the internal network and only be accessible by users on the internal network and the tomcat application on the web server. And have the webserver be available to the internet at large, and use the two nic cards in this box as a 'security blanket' to protect the internal network (and the database server) from outside access. So folks coming in via the internet hit the webserver application. The application talks to the Database via the internal network connection, and the internet folks never know about the internal network side of the world... One other caveat is that the internal network users will also need to use the application via the internal network connection... So am I out of my gourd in thinking this will work, or is there a better solution that provides the security the database and internal network requires, and still allows the webserver to sit on the Internet and talk to the database server... Thanks!! Cal |
|
|
|
|||
|
|
| |
|
Guest
Posts: n/a
|
In this case, you can enable NAT/Firewall on the webserver.
Bob Lin, MS-MVP, MCSE & CNE Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com <(E-Mail Removed)> wrote in message news:(E-Mail Removed) ups.com... Howdy, I am setting up an application that requires a webserver to be available to the internet at large, and an internal network with the Oracle database on it that needs to be protected from the internet at large... I have two dedicated Class C IPs, and two router/firewall boxes I can use. I also have 2 server 2003 boxes, one running tomcat as the webserver with 2 nic cards and the other running Oracle as the database server... One of the Class-C IPs is assigned to a router/firewall box and provides nat/dhcp and internet access to nodes on the internal network. The database server needs to sit behind the firewall for users of the internal network to access it, but also be available to the webserver for application data requests.. What I would like to have is the database server be on the internal network and only be accessible by users on the internal network and the tomcat application on the web server. And have the webserver be available to the internet at large, and use the two nic cards in this box as a 'security blanket' to protect the internal network (and the database server) from outside access. So folks coming in via the internet hit the webserver application. The application talks to the Database via the internal network connection, and the internet folks never know about the internal network side of the world... One other caveat is that the internal network users will also need to use the application via the internal network connection... So am I out of my gourd in thinking this will work, or is there a better solution that provides the security the database and internal network requires, and still allows the webserver to sit on the Internet and talk to the database server... Thanks!! Cal |
|
|
|
|
|||
|
Guest
Posts: n/a
|
|
|
|
|
||
|
|
| |
|
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
