Firewall rules

Good Day!

Currently, this is a simple LAN network with firewall diagram in my company.

Please kindly refer to the mentioned diagram.

I wish to set an IP on the network interface of the FTP/Web/Mail Server. Any suggestion?

Meanwhile, I would like to set certain firewall rules if the users in 192.168.1.0/24 wish to access FTP/Web/Mail Server.

My suggestion:

From Internal To DMZ, Port 100.

Any more suggestions for the firewall rules? It would be appreciated if IPs, subnets and outgoing DNS policy were included in the suggestions.

Thanks a million!

Reply to
hunkgym

Three-legged-firewall with LAN and DMZ nets is a really basic firewall scenario.

You need to forward the FTP, HTTP(s), and SMTP ports from the external interface to the respective hosts in the DMZ. In the case of FTP you also need to deal with the fact that FTP always uses two connections.

Allow access from the LAN to the servers in your DMZ and limit access to the required ports.

Suggestion for what? What is this rule supposed to achieve? Why port 100? Which protocol? And why from LAN to all DMZ?

Besides, you didn't even mention what firewall you use, so the syntax may be entirely different.

My suggestion: get someone with clue to do this for you. From what you wrote here you seem to lack even the most basic firewalling knowledge.

cu

59cobalt
Reply to
Ansgar -59cobalt- Wiechers

Good Day!

Firewall use - SifoWorks U-series firewall

Router use - CISCO Router 3800 Series

Thanks.

Reply to
hunkgym

Good Day!

Thanks for the fruitful information. Currently I only have 1 Public IP which I purchased from the ISP. Anyway, technically, which one is the better choice, use an additional public IP or map one system to a port other than 80?

It would be appreciated too if you can share your relevant experience (about the brand of firewall you know or currently use) with all of us.

Thanks!

Reply to
hunkgym

Do you want more than one web server to be publicly available? If so, I'd recommend getting additional IP addresses, because otherwise your users would need to know the port number(s) for the other web server(s), which would be less convenient for them.

The brand doesn't matter that much. What you really need to begin with is a firewall policy where you specify who needs to access which host, and from where.

cu

59cobalt
Reply to
Ansgar -59cobalt- Wiechers
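
The policy the replies above describe (who may reach which host, on which port, from where), written as a small default-deny table and checker. This is an added example, not part of the original thread; the DMZ subnet 192.168.2.0/24, the server address 192.168.2.10 and the outgoing DNS rules are assumptions, and WAN flows are evaluated against the DMZ address after port forwarding.

```python
import ipaddress

# LAN subnet is from the thread; the DMZ subnet and server address are assumed.
ZONES = {
    "LAN": ipaddress.ip_network("192.168.1.0/24"),
    "DMZ": ipaddress.ip_network("192.168.2.0/24"),
}
SERVER = ipaddress.ip_address("192.168.2.10")  # assumed FTP/Web/Mail host

# FTP control, SMTP, HTTP, HTTPS. The FTP data connection is negotiated on the
# control channel and needs the firewall's FTP-aware tracking; not modelled here.
SERVICES = [("tcp", 21), ("tcp", 25), ("tcp", 80), ("tcp", 443)]

# Rule: (src zone, dst zone, dst host or None for any, protocol, port).
# Only allow rules are listed; a flow matching none of them is denied.
POLICY = [(src, "DMZ", SERVER, proto, port)
          for src in ("WAN", "LAN") for proto, port in SERVICES]
# Outgoing DNS from both internal nets (an assumed policy, not from the thread).
POLICY += [(src, "WAN", None, proto, 53)
           for src in ("LAN", "DMZ") for proto in ("udp", "tcp")]


def zone_of(addr):
    """Map an address to its zone; anything outside LAN and DMZ is WAN."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "WAN"


def decide(src, dst, proto, port):
    """Return 'allow' if a rule matches the flow, otherwise 'deny'."""
    src_zone, dst_zone = zone_of(src), zone_of(dst)
    dst_ip = ipaddress.ip_address(dst)
    for r_src, r_dst, r_host, r_proto, r_port in POLICY:
        if (r_src, r_dst, r_proto, r_port) != (src_zone, dst_zone, proto, port):
            continue
        if r_host is None or r_host == dst_ip:
            return "allow"
    return "deny"


if __name__ == "__main__":
    # Constructed sample flows, including the "port 100" rule from the question.
    for flow in [("192.168.1.50", "192.168.2.10", "tcp", 80),
                 ("192.168.1.50", "192.168.2.10", "tcp", 100),
                 ("192.168.2.10", "192.168.1.50", "tcp", 445),
                 ("203.0.113.7", "192.168.2.10", "tcp", 25)]:
        print(flow, decide(*flow))
```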
