Hello,
I have a question that I posed to Cisco a little while ago, and I'm not sure how much I like the answer. I have 2 PIX 515 FWs separated by a 2621. FW1 has 2 int and FW2 has 3 int. FW1 houses a DMZ for my public servers (web, SMTP, etc.). FW2 dmz2 houses a SQL server that will only talk with servers in FW1 (DMZ, web app server, etc.), and our corp network resides behind FW2 as well. I wanted to route traffic from FW1 (web server) to the router and then to FW2 dmz2 (SQL server). After talking with Cisco and trying all kinds of different configs myself, Cisco assures me that the only way to do it is to have the SQL box in dmz2 publicly addressed. This isn't a huge deal since I can easily lock it down with a static and access-lists; I guess I just thought I should be able to route to its private IP.
Thanks
jdl