Article

Problem

A Forum reader recently asked:

"I want to place a webserver (Novell Linux Enterprise Server) into my DMZ. I assigned the IP address, with one public IP address of BorderManager NATed to the IP address of my webserver. Is this correct so far?"

And here's the response from Caterina Luppi ...

Solution

To be able to access the web site from your LAN, you will simply need to:

1. Have name resolution in your LAN that gives out the private IP of the web server.

2. Create a packet filter exception for port 80 between the LAN and the web site. You can use something like this:

Packet type: TCP source port 1024-65535 dest port 80 STATEFUL
Source interface: private
Dest interface: DMZ
Source IP: your private LAN
Dest IP: the IP address of the web server