joeypesci Posted February 7, 2009 Share Posted February 7, 2009 I currently have, physically, a router, then a firewall both on 10.0.0.1 range Then from the 2nd nic I have everything else on the 10.0.1.1 range. If within this 10.0.1.1 range I build a couple of servers in VMware with 2 virtual nics in them would it be logically possible to have them on a different IP range? I would of thought not, as they are ultimately on the 10.0.1.1 range and just pretending, virtually, to be on a different IP range. So if someone got onto them from the outside, they've eventually be able to get into the main network. This is the current setup I'm not sure I understand DMZ zones. Someone has said mine isn't a true DMZ and that I should stick the VM exchange out on the DMZ so if anyone was to break in, they'd be stuck in the DMZ and could only trash the exchange (which isn't a problem as it's not being used properly just for messing about). They also said something like, making the DMZ so that it just keeps bouncing the traffic back to the person attempting the attack, so they essentially end up attacking themselves. What I'm not sure about though is where the virtual exchange is. It's in the Green zone currently. Is it possible to give it a new IP like 10.0.2.1, still be on the 255.255.255.0 range, yet be isolated from the rest of the network and put in a DMZ? Not sure if I explained that correctly. Used http://www.gliffy.com/ to create that diagram. Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.