Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » DMZ
  •  
SyG4

Messages: 3
Karma: 0
Send a private message to this user
A question.... I am evaluating KWF and wish to know if it supports a DMZ. If so, how do I go about configuring KWF?


Thanks in advance.


//Sy
  •  
Valerik

Messages: 12

Karma: 0
Send a private message to this user
What is DMZ. Maybe DeMilitarized Zone? Razz
If you want to configure winroute for some software, you must now, which porst it uses.
  •  
LordGraj

Messages: 39
Karma: 0
Send a private message to this user
Yes, it support.
I have 1 PC with 3 NIC, (1 WAN, 1 LAN, 1 DMZ), it works OK

The DMZ host is a Virtual PC inside of PC Firewall, and it works fine.

[Updated on: Thu, 17 February 2005 20:19]

  •  
SyG4

Messages: 3
Karma: 0
Send a private message to this user
LordGraj wrote on Fri, 18 February 2005 06:13

Yes, it support.
I have 1 PC with 3 NIC, (1 WAN, 1 LAN, 1 DMZ), it works OK

The DMZ host is a Virtual PC inside of PC Firewall, and it works fine.



Cool, so briefly, how did you set it up?



//Sy
  •  
LordGraj

Messages: 39
Karma: 0
Send a private message to this user
I install Virtual PC 2004 in machine when kerio is installed.
I configured this virtual machine to use a Virtual NIC with Local NIC
And connect to DMZ NIC to Switch.

And It's work OK.

Later with rules, permit trafic from wan to DMZ (HTTP, HTTPS,FTP, SMTP, POP3) => NAT (Default Outgoing)
Public HTTP WAN ==> FIREWALL =>HTTP,HTTPS, FTP, SMTP => PAT (host DMZ)

  • Attachment: virtual.JPG
    (Size: 53.59KB, Downloaded 998 times)
  •  
scadet7

Messages: 16
Karma: 0
Send a private message to this user
Just a questions re your concern. Any special reason as to why you would want to setup a DMZ zone?
I find KWF to be very robus and as such a DMZ may not be needed it alldepens on what you are trying to accomplish.
  •  
LordGraj

Messages: 39
Karma: 0
Send a private message to this user
I need a DMZ Zone beacuse the I not enough Pc for services, and I made a Virtual PC for Mail Server, and it works fine.
  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
A DMZ creates a second area where 'unsecure' pc's are. Traffic from the DMZ to the LAN is better to track. All traffic should go through KWF. If the servers are all in the LAN, traffic from a hacked server to other machines in the LAN will not be detected. Also users in the LAN need more types of internet connections than the services in the DMZ should. Managing all will be much easier.
  •  
water puts out fire

Messages: 4
Karma: 0
Send a private message to this user
So far as I can see, the only reason for a DMZ is somewhere to place a mails server & web server that you want to be accessible to people FROM the internet. If you use a ISP hosted mail server (by far the easiest way) and an ISP to host your web site then you don't need a DMZ - just block all inbound traffic, unless its for stuff like a VPN connection. job done.
  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
I agree. I you do not have anything to offer (no servers/servies) a DMZ is not needed. But KWF is also used by companies that host there own servers. In that case a DMZ is a must (if one takes security serious).
  •  
SyG4

Messages: 3
Karma: 0
Send a private message to this user
>> Just a questions re your concern. Any special reason as to why you would want to setup a DMZ zone? <<

The reason for wanting to setup a DMZ is that Kerio does not correctly support SIP for some reason so I wanted to throw my SIP box on the DMZ and route it without NAT.


//Sy

//Sy
Previous Topic: correo pop y smtp
Next Topic: pop y smtp
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Thu Nov 23 16:03:48 CET 2017

Total time taken to generate the page: 0.00488 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.