- Joined
- Nov 20, 2015
- Messages
- 41,546
- Reaction score
- 21,126
Got a lovely MT RB here, RB 1100 AH
I need to set up a DMZ which will be accessed internally from two interfaces, and is scratching my head as all the wikis does not handle this kind of setup...
The DMZ also need to have access to the Internet.
ETH1 = for management only, 192.168.88.0/24 (winbox only)
ETH2 = internet-facing interface, dynamic IP (from ADSL router) or static IP (from Diginet router)
ETH3 = LAN1 segment, subnet 10.10.10.0/24
ETH4 = LAN2 segment, subnet 10.10.20.0/24
ETH5 = DMZ segment, subnet 192.168.100.0/24
1. ETH3, ETH4 and ETH5 must need Internet access
2. ETH3 and ETH4 must see ETH5
3. ETH3 and ETH4 must not see each other (segmentation)
I need to set up a DMZ which will be accessed internally from two interfaces, and is scratching my head as all the wikis does not handle this kind of setup...
The DMZ also need to have access to the Internet.
ETH1 = for management only, 192.168.88.0/24 (winbox only)
ETH2 = internet-facing interface, dynamic IP (from ADSL router) or static IP (from Diginet router)
ETH3 = LAN1 segment, subnet 10.10.10.0/24
ETH4 = LAN2 segment, subnet 10.10.20.0/24
ETH5 = DMZ segment, subnet 192.168.100.0/24
1. ETH3, ETH4 and ETH5 must need Internet access
2. ETH3 and ETH4 must see ETH5
3. ETH3 and ETH4 must not see each other (segmentation)