{"id":436,"date":"2006-09-10T10:54:26","date_gmt":"2006-09-10T14:54:26","guid":{"rendered":"http:\/\/www.wehuberconsultingllc.com\/wordpress\/?p=436"},"modified":"2008-01-05T13:12:01","modified_gmt":"2008-01-05T17:12:01","slug":"changing-over-to-a-3-leg-network-layout","status":"publish","type":"post","link":"https:\/\/wehuberconsultingllc.com\/wordpress\/2006\/09\/10\/changing-over-to-a-3-leg-network-layout\/","title":{"rendered":"Changing over to a 3 leg network layout"},"content":{"rendered":"<p><a href=\"https:\/\/i0.wp.com\/www.wehuberconsultingllc.com\/wordpress\/wp-content\/uploads\/2006\/09\/WindowsLiveWriter\/Changingovertoa3legnetworklayout_995C\/3leg%5B2%5D.jpg\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"240\" height=\"126\" border=\"0\" align=\"right\" alt=\"3 Leg Perimeter Network Layout\" style=\"border: 0px none \" src=\"https:\/\/i0.wp.com\/www.wehuberconsultingllc.com\/wordpress\/wp-content\/uploads\/2006\/09\/WindowsLiveWriter\/Changingovertoa3legnetworklayout_995C\/3leg_thumb.jpg?resize=240%2C126\" \/><\/a>I had been curious about implementing a DMZ for some time but I really did not have a use for one. My previous network layout was a standard edge network with two firewalls, a router\/firewall and a ISA firewall. Recently I have been playing with a variety of linux packages who eventually will need constant exposure to the internet so a DMZ would became a logical upgrade. Since I had recently installed a third NIC on my SBS server, I could use ISA to manage the perimeter network.<\/p>\n<p>To setup this network I went to Tom Shindler&#8217;s ISAServer.org site and browsed his documentation on setting up a DMZ using a ISA server. Although there are several documents on setting up DMZ segments, the document I used was  <a href=\"http:\/\/www.isaserver.org\/articles\/2004pubdmzservers.html\">Publishing Servers on a ISA Server 2004 Firewall Public Address DMZ Segment<\/a>.  I followed the directions and only changed the outbound protocols. For my network I want to pass ftp, http, https, ntp, ping, and smtp from the DMZ to Internet. At this point in time I do not need to allow inbound internet access to the DMZ but I will allow full inbound access from the internal network. I will leave that as a future project. I did change my access rule for the Protected Networks as recommended by Amy in <a href=\"http:\/\/isainsbs.blogspot.com\/2006\/05\/dmz-sbs-special-considerations.html\">DMZ &#8211; SBS special considerations<\/a>.<\/p>\n<p>The DMZ network is now up and running. I have one linux server running on the DMZ. It is running Groundworks and is connected via the ultimate low cost hub, a cross-over cable. So far there are no gotchas!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I had been curious about implementing a DMZ for some time but I really did not have a use for one. My previous network layout was a standard edge network with two firewalls, a router\/firewall and a ISA firewall. Recently I have been playing with a variety of linux packages who eventually will need constant &hellip; <a href=\"https:\/\/wehuberconsultingllc.com\/wordpress\/2006\/09\/10\/changing-over-to-a-3-leg-network-layout\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Changing over to a 3 leg network layout&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[6],"tags":[21,125],"class_list":["post-436","post","type-post","status-publish","format-standard","hentry","category-sbs2k-sbs2k3","tag-isa","tag-sbs"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p4iN3d-72","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/posts\/436","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/comments?post=436"}],"version-history":[{"count":0,"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/posts\/436\/revisions"}],"wp:attachment":[{"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/media?parent=436"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/categories?post=436"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/tags?post=436"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}