Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Firewall installation

    Installation and Upgrades
    2
    3
    1389
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      patrickyhleung last edited by

      Hi,
      I am using adsl2+ netgear DG834G medem/router. It has some firewall features.

      I am setting up a web server using Mac OSX, and want to add a pfsense firewall to protect my local area network.
      The question is: should I connect the web server between the modem/router and the pfsense firewall; or should I put the web server behind the pfsense firewall.
      Any suggestions with reasons ?
      Thanks.

      1 Reply Last reply Reply Quote 0
      • Cry Havok
        Cry Havok last edited by

        Between the router and pfSense means you're putting it in a DMZ. That is traditionally where you put exposed services and never put any valuable data as the risk of it being compromised is higher than if you hadn't exposed it.

        I do, personally, recommend putting exposed services in a separate network from anything you value. Then when something goes wrong your damage is relatively limited.

        1 Reply Last reply Reply Quote 0
        • P
          patrickyhleung last edited by

          Hi Cry Havok,

          Thank you for your comments.
          I need to connect the other computers to the same network because they need to share the internet connection.

          According to what you said, would it be better if I put the web server behind the pfsense firewall ?
          that is : modem/router –-> pfsense firewall  ----> web server
                                                                      ----> local network on different subnet

          Will the web server still be able to serve webpages in this arrangement ?

          patrick.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post