[Samba] Firewall transparancy?
Gémes Géza
geza at kzsdabas.sulinet.hu
Sun Jan 25 08:51:24 GMT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Anders Norrbring írta:
| Hi!
|
| I was thinking, is there a way to use a linux box with Samba running
in the
| DMZ of a firewall and to validate logons from the internal network?
|
| I.e. the users workstations are on the protected net on 192.168.111.xx and
| the Samba PDC resides in the DMZ, running subnet 192.168.222.xx. If it's
| possible, what ports need to be open?
|
| Anders Norrbring
|
|
Something a little bit more secure, IMHO would be:
| Internet | ----------- | Firewall |------| DMZ |
| /
| /
| /
| /NMB traffic
| /SMB traffic
| /CIFS traffic
| /
| /
| /
| LAN |/
On the DMZ network in smb.conf allow only your LAN to access the
servers. Make sure, you have forwarding between interfaces disabled on them.
Regards,
Geza
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAE4OM/PxuIn+i1pIRAtcQAJ9qjAPRwkKKbQ468PIFAc4B4va+QQCfV61V
Ssvn/7VCjuC0VbMgHXYWHpY=
=AgHW
-----END PGP SIGNATURE-----
More information about the samba
mailing list