Dual firewall setup Pfsense 2.0 and Netscreen 5GT
-
I am trying to setup a dual firewall with internet –--- pfsense------ dmz---------netsceen-------inside
unfortunatly I have only limited networking experiance... if someone could explain or send me to some documentation that will get me going?
I was planning on setting it up this way
internet -------pfsense(10.1.10.1)----dmz(static 10.1.10.3 - 10.1.10.200)-----(10.1.10.2)netscreen(192.168.1.1)-----inside(dhcp 192.168.1.2-192.168.1.200)
my current network is on the 192.168.1.x and I am running my own dhcp and dns services.
-
Double NAT is generally considered to be a bad idea.
-
Yeah…I know and I am the first to say that I am not a network guy... thats why I am attempting to set this up so that I can learn more about networking. If anyone has a better idea on how to set this up I am all ears.
I could setup the netscreen to route only?
-
probably
/ –-- netscreen ---- private LAN
internet -
\ ---- pfsense ------ DMZHave them inline. Networks on each side MUST be different though.
The way you have listed will work, but you would be triple natted and that can cause problems. Though it might even work, I just don't think you want that kind of fun yet.
If you are new to networking, perhaps start with simple| Internet ---> pfSense ---> LAN (with servers and clients mixed) ... once comfortable with that then start with a single server in a DMZ network that is another NIC on the pfSense machine.
-
I already have it internet–->pfsense----->lan
I was just looking at doing the dual firewall like a corporation would have it.
internet---->firewall---->DMZ----->firewall------->LAN