Firewall behind DMZ?
Results 1 to 3 of 3

Thread: Firewall behind DMZ?

  1. #1
    Junior Member
    Join Date
    May 2006

    Firewall behind DMZ?

    Hi guys,

    I have smoothwall firewall running behind my adsl router. My smoothwall firewall have DMZ area for my server, I've got apache server, ssh server, and mysql server running as single server with different internal DMZ IP.

    So my question is do I have to make another firewall to hardened my servers inside the dmz?? cause I think I can install guarddog firewall (internally) on every servers (all of them running linux except ssh server running OpenBSD 3.9) .

    Or.. just smoothwall firewall (hardware firewall) already enough protection for my dmz ..?? it means I just hardened my servers without another firewall...


  2. #2
    Senior Member
    Join Date
    Mar 2004
    If you had 2 firewalls you would have the same ports open , so it would just be security through obscurity. I would focus more on your firewall configuration and the patch level of your boxes. In addition I would run apache on Openbsd and the same for the ssh server. To me it seems like alot of servers for a dsl connection.

  3. #3
    Senior Member
    Join Date
    Aug 2006
    I agree with Net2Infinity. Of course there is no reason of putting up two FIREWALLs on one server at all...after all you will have to open the ports you need on both the firewall and block the rest...and it can be done pretty well by a single FIREWALL only. I think your configuration is very OK as it should be.
    "Everything should be made as simple as possible, but not simpler."

    - Albert Einstein

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts