× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Bradley,

If you want to maintain PCI and other compliances make sure you have a physical connection to your DMZ. Don't NAT into your inside network. What you want to do is very possible but make sure you are not binding any services expect what you want to that interface. In other words make sure no services are running on ALL interfaces. Last thing you want to do is expose your server to the internet.

Chris Bipes
Director of Information Services
CrossCheck, Inc.

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Bradley Stone
Sent: Saturday, February 23, 2013 1:36 PM
To: Midrange Systems Technical Discussion
Subject: IP on different subnet?

I'm not much of a network security expert but I have a question that someone asked me the other day.

We all know the "i" can have multiple IP interfaces/addresses for each NIC. If we were to set up a web server with it's own IP address would it make sense (or even work) for the IP address to be on a different subnet, or a different ip range all together?

Example:

Main IP 192.168.0.1

New IP 192.168.1.1 or even something like 10.1.1.10

My thinking is because there will be a firewall routing requests in from a public IP to the web server IP address, the internal IP address doesn't really need to be on a different subnet, range, etc, because that is all invisible to the end user on the internet. And it may also take some "tricky" finagling to even get things to work right for routing.

Thoughts?

Brad
www.bvstools.com


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.