Re: DMZ setup ISP side device

["Howard C. Berkowitz" <hcb@xxxxxxxxxxxx>]

At 10:36 PM -0700 8/1/04, Sri Kanda wrote:
> Group,
>
> I'm working on a DMZ setup for Internet connectivity.
> Below is my proposed Internet setup, in that I would
> like to connect a device between my firewall
> (webshield) external interface and ISP. Since my ISP
> is in the same building I can plug in to it with an
> Ethernet. This device should hide my external
> interface of the f/w to the outside world.'

I don't understand what problem you are trying to solve. If you hide 
the outside interface of your firewall from the outside world, even 
if you were initiating all transactions from the inside going out, 
how would the response find its way back?

> ISP
> |
> |
> |
> --------------------------------------
> Device to hide external f/w interface |
> --------------------------------------
> |
> |
> |
> ---------
> Firewall |
> ---------
> |
> |
> |
> -------------
> Proxy Server |
> -------------
>
> I could think of L3 switch or Cisco 2611 router with 2
> Ethernet, one to connect towards my firewall side
> (with  some private IP address) and the other to
> connect ISP side with public IP.
>
> Would appreciate if you have better option than the
> proposed one.
>
> Thanks in Advance
>
> Best Regards,
> Srikanda
>
>
>
>
> __________________________________
> Do you Yahoo!?
> New and Improved Yahoo! Mail - Send 10MB messages!
> http://promotions.yahoo.com/new_mail
>
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html