Hey all. I do not see the basics of how to set up a DMZ in one single article, and I was thinking about writing it since I'm getting ready to set up my first one (so I'll have screen shots). First, I want to make sure I understand it correctly. I'm using 192.168.20.0/24 as a public IP range (I know it is not, but for this article...)
1. red interface has a block of public IP's assigned, 192.168.20.192/27 2. orange interface has IP of private IP, 172.16.54.1/24 3. for each public IP Assign server to a private IP (172.16.54.x) Create DMZ pinhole from public IP to orange IP
Basically, if I'm understanding correctly, setting up the orange interface is similar to setting up port forwarding into the green interface?
I'm going to start playing with this, but would prefer to not start out with an incorrect assumption.
Also, can anyone tell me WHY we should use orange vs green? It appears to be so well understood by so many people that it is not explained. I'd like the article to be a total newbie document, but later cover things like QOS and stuff.
Rod
documentation@lists.ipfire.org