08-17-2008 03:02 AM
Recently I configured a Netscreen 50 in transparent mode in our network. Now we are planning to implement a DMZ network to publish two public servers. Can anyone help me with how to configure a DMZ with the Netscreen 50, as it is transparent?
08-17-2008 03:37 PM
I have attached a diagram that shows what a transparent box would look like with a DMZ.
What you need to do is:
1) Set one of the spare interfaces to the v1-dmz zone
2) Plug a switch into the v1-dmz interface, and plug the servers that need to be in the DMZ into the switch.
3) Create policies from v1-untrust to v1-dmz to allow certain traffic into the dmz for instance http.
4) Because the firewall is in transparent mode it can't do any address translation, so if the network that your firewall is on is an internal range, e.g. 192.168.1.0/24, then you will need another device upstream from the firewall to do the address translation for you, to change a public IP from your ISP to the IP address of the server in the DMZ.
Hope this information helps
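Steps 1 to 3 above as ScreenOS CLI commands. This is an added example, not part of the original reply. It assumes the spare interface is ethernet2 and uses a constructed server address, 192.168.1.10, taken from the example range in step 4, under the hypothetical address-book name dmz-web1. The second policy states the DMZ-to-internal deny explicitly and logs it, so connection attempts from a DMZ server towards the internal segment show up in the traffic log.

```screenos
set interface ethernet2 zone v1-dmz
set address v1-dmz "dmz-web1" 192.168.1.10/32
set policy from v1-untrust to v1-dmz any "dmz-web1" http permit log
set policy from v1-dmz to v1-trust any any any deny log
save
get interface
get policy
```

The permit policy names the server as the destination instead of using any, so only HTTP to that one host is allowed into the DMZ.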