Sunday, July 19, 2015

vmware esxi - Setup DMZ in pfSense with virtual servers, physical pfSense server

I am looking for some networking tips on how to set up a DMZ in pfSense and place some virtual servers in that DMZ. Right now my network looks like:



Uverse (Static IPs) -> pfSense -> WAN -> (Virtual IPs/CARP/NAT 1:1 to virtual server's internal IP address)



With Uverse I have to set up virtual IPs/CARP to bring external static IPs through the WAN.




This configuration works great; my virtual servers (Web Server and Exchange Server) are getting their respective external IP addresses. I have also set up their respective firewall rules, letting only the needed ports be open.



What I want to be able to do is put these virtual machines in a DMZ to best protect my internal network. My virtual machines are running on ESXi 5.0. My pfSense server (2.0.1) is physical with 4 NICs. Right now 2 of the 4 are being used: 1 WAN, 1 LAN.



I would appreciate any help/guidance on how to set up BOTH pfSense and ESXi/vSphere to put these virtual machines in a DMZ, while also allowing me to connect to them from my internal network and at the same time protecting my internal network from these servers should they become corrupt. My ESXi host has 2 physical NICs.
