New start - advice needed

uncle_numpty · 9 November 2021 08:55

Morning all,

Been using IPFire for a looooong time and have been very happy with it, but the time has come for an upgrade. Primarily the hardware is old and my network has grown into a horrible mess so I think i’m going to do it right this time.

I’m planning on bringing email, nextcloud and web services in house and I have a range of 5 fixed ip’s that I know i can set up with aliases and rules.

So the question is, what is the best practice for the positioning of these servers - in the DMZ, in the Green network or Set up a secondary IPfire box and put external services behind that thus keeping it completely seperated from the internal network ?

Your advice and comments are greatfully received.

uncle_numpty

ms · 9 November 2021 08:58

Hello,

and welcome back.

The best and easiest way is to put those servers into the ORANGE network and keep your devices in GREEN. There is no need for a second firewall.

uncle_numpty · 9 November 2021 09:04

Thanks for the speedy reply Michael.

That being the case can i use a 4 port nic for the ORANGE network and pass traffic to individual ports based on ip ? or do i have to use and individual NIC and a switch ?

Regards

ms · 9 November 2021 09:20

You can bridge multiple interfaces together and make a switch out of them in the firewall. However, if you have really high bandwidth a proper switch would be the better way forward.