Protected Webserver ?
Want to set up a webserver that is absolutely separated and protected from my home network.
I recently purchased and setup a new Firewalla Gold Pro.
One 2.5GB port connects to my 2GB T-Mobile fiber modem ISP connection.
One 2.5GB port is connected to my eero Pro 7 to provide WiFi service in my home.
One 10GB port is connected to my 10GB managed switch for my home network.
One 10GB port is open.
What I wnat to try to do is build a prototype webserver on a Raspberry Pi, connect it to the open Firewalla port to be accessible to the big-bad internet. At the same time, I want to ensure any and all traffic that is accessing the webserver would be blocked from reaching into my home hetwork.
My plan is to build the webserver inside my network then, when ready to test in the wild, reconnect the Raspberry Pi to the open Gold Pro port.
I understand there would be a substantial risk to my home systems if I would reconnect the Pi to my home network, so it would never return. I would also do as much hardening of the webserver as I can before putting it out.
I understand that I would setup Port Forwarding for all external web connections to the currently open port, but what next?
So my question here is - what is the best way to configure my Gold Pro to keep the two 10GB ports segregated?
Please sign in to leave a comment.
Comments
1 comment