Ask the Expert

How do a DMZ and VPN work together?

If you have a VPN firewall router, will it be affected in any way by the setup of a DMZ server? In other words, would a DMZ server and a VPN be able to co-exist together?

    Requires Free Membership to View

A demilitarized zone (DMZ) and virtual private network (VPN) can certainly co-exist. In fact, they were designed to work together.

In the typical firewall scenario, the firewall separates three distinct network zones: the Internet, the private network and the DMZ. Inbound connections from the Internet are allowed only to servers in the DMZ; no direct connections are allowed between the Internet and the private network. Servers that offer services to the public (e.g. Web servers, SMTP servers) are placed in the DMZ, while servers that offer services to internal users reside on the private network.

The VPN provides remote users with access to private resources. Users authenticate to the VPN, and may then access internal resources on the private network through that VPN connection.

More information:

  • Learn why enterprise users should not be placed in a DMZ.
  • In our Identity and Access Management School, Lisa Phifer highlights the innovations in VPN technology.
  • This was first published in April 2007

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: