Koozali.org: home of the SME Server

SME 5.5 as internal firewall

Nick Slayton

SME 5.5 as internal firewall
« on: September 24, 2003, 08:53:27 AM »
Here is my question:
can I use the SME in gateway mode as an internal firewall to separate my DMZ from my internal network?

This is what I'm planning:


                          Internet
                             !
        ------- multi nat router/firewall -------
        !                                       !
       DMZ                                SME firewall
Production web server                           !
Production staging server                 MS SQL Server
Email server                              CRM Server
                                          Work Stations

My production servers in my DMZ need to be able to get through the internal firewall
to contact the SQL server.
Will SME 5.5 be able to do the job?
And if so, should I use port open to allow access through the SME box so my production servers can see my SQL server, or is there a better option?

Please don't tell me just to use the SME instead of the router, as the SME doesn't have the capability of supporting 6 static IP addresses, of which we use all of them.

And please don't tell me I don't need an internal firewall, as just an external one doesn't give us enough protection.

Thank you in advance for any help.

Gregory Baird

Re: SME 5.5 as internal firewall
« Reply #1 on: September 25, 2003, 11:21:31 PM »
Take a look at IPCop or SmoothWall Express for your firewall.
You can use the orange (DMZ) NIC to go to a hub/switch
and put up to 254 behind it. The orange NIC will be your
gateway but must be a different subnet, .2 instead of .1.

I use SME for a server, but IPCop will run on a very basic box.

Greg