Is it possible, or what should be done, to create a DMZ between 2 IPFire systems? 1st IPFire (Red/Green) to the internet provider, 1st Green to a switch, a Webserver connected to the switch, 2nd Red connected to the same switch and 2nd Green to the internal network. Also, should the URL filter and Web Proxy be run from the 1st IPFire system? I know that DHCP would be needed on the 1st IPFire. The obvious goal is a webserver protected and accessible to the internal network.
Thanks for any direction or guidance! - bP
Chaining Firewalls. DMZ if you want all ports open to the next Firewall. But you can do that with a RED to GREEN without the DMZ. First Firewall is set up per the ISP settings. Green IPs 172.16.1.1/24. The chained Firewall is set up to 172.16.1.254/24, GW to 172.16.1.1, and Green set up as 172.16.2.1/24, but cannot be the same network.
Firewall setup: 1st Firewall is Public IPs to 172.16.1.x, then take the 2nd Firewall from the 172.16.1.x to 172.16.2.x with the ports needed for what you're hosting.
Why I do it. I put the Public servers after the first firewall. Chain the 2nd firewall, so the users can get to the internet by proxy.
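The addressing plan in the reply above can be checked before it is entered on either firewall. This is an added example, not part of the original posts: the function name `check_chain` and the web server address 172.16.1.10 are assumptions; the other addresses are the ones given in the reply.

```python
import ipaddress


def check_chain(fw1_green, fw2_red, fw2_gateway, fw2_green, dmz_hosts=()):
    """Return a list of problems found in a two-firewall chained addressing plan."""
    g1 = ipaddress.ip_interface(fw1_green)   # first firewall, GREEN
    r2 = ipaddress.ip_interface(fw2_red)     # second firewall, RED
    g2 = ipaddress.ip_interface(fw2_green)   # second firewall, GREEN
    gw = ipaddress.ip_address(fw2_gateway)   # second firewall's default gateway
    problems = []

    # The second firewall's RED has to live on the first firewall's GREEN segment.
    if r2.network != g1.network:
        problems.append(f"{r2} is not on the first firewall's GREEN network {g1.network}")
    elif r2.ip == g1.ip:
        problems.append(f"both firewalls claim {g1.ip}")

    # Traffic leaving the inner firewall must be handed to the outer firewall.
    if gw != g1.ip:
        problems.append(f"gateway {gw} is not the first firewall's GREEN address {g1.ip}")

    # "Cannot be the same network": overlapping ranges break routing between the
    # internal LAN and the middle segment, including partial overlaps.
    if g2.network.overlaps(g1.network):
        problems.append(f"inner network {g2.network} overlaps {g1.network}")

    # Public servers belong on the middle segment, on an address no firewall uses.
    for host in dmz_hosts:
        ip = ipaddress.ip_address(host)
        if ip not in g1.network:
            problems.append(f"server {ip} is outside the middle network {g1.network}")
        elif ip in (g1.ip, r2.ip):
            problems.append(f"server {ip} collides with a firewall interface")
    return problems


if __name__ == "__main__":
    # Addresses from the reply; the web server address is constructed for the example.
    plan = ("172.16.1.1/24", "172.16.1.254/24", "172.16.1.1", "172.16.2.1/24")
    for line in check_chain(*plan, dmz_hosts=["172.16.1.10"]) or ["plan is consistent"]:
        print(line)
```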