Configuring a Direct Connection is described in detail in the section entitled Direct
Connection towards the beginning of this chapter.
Services on the DMZ network
Once you have configured the DMZ connection, configure the SG unit to allow access to
services on the DMZ. There are two methods of allowing access.
If the servers on the DMZ have public IP addresses, you need to add packet filtering
rules to allow access to the services. See the section called Packet Filtering in the
chapter entitled Firewall.
If the servers on the DMZ servers have private IP addresses, you need to port forward
the services. See the section called Incoming Access in the chapter entitled Firewall.
Creating port forwarding rules automatically creates associated packet filtering rules to
allow access. However, you can also create custom packet filtering rules if you wish to
restrict access to the services.
You may also want to configure your SG unit to allow access from servers on your DMZ
to servers on your LAN. By default, all network traffic from the DMZ to the LAN is
dropped. See the section called Packet Filtering in the chapter entitled Firewall.
Guest Network
Note
Network Setup
72