Q

How to make a DMZ server and a VPN coexist on a customer's network

Learn how to configure a VPN firewall so that it works with a customer's DMZ server.

If I install a VPN firewall router for a customer, will it be affected in any way by the setup of a DMZ server? In other words, would a DMZ server and a VPN be able to coexist?

This is certainly possible although the details will vary depending on the equipment that you choose. One popular way of doing this is to have 3 ports on your firewall, one of which leads to a completely separate DMZ segment. This has the advantage of isolating the publicly accessible portion of your customer's network from the private part, thereby enhancing security.

Assuming you are planning on using IPSec as your VPN, you will want to ensure that you configure its policy to allow non-VPN packets to bypass IPSec. RFC 2401 has more about IPSec policies, but you will need to consult your firewall/VPN's user's manual for details on the default policy and configuration.

This was first published in July 2007

Dig deeper on Virtual Private Network (VPN)

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

MicroscopeUK

SearchCloudProvider

SearchSecurity

SearchStorage

SearchNetworking

SearchCloudComputing

SearchConsumerization

SearchDataManagement

SearchBusinessAnalytics

Close