We have 2 VLANs set up for a specific partition on our LTM. One is for their production servers, the other is intended to act as a DMZ as there is a particular server that needs a lot of ports opened to it from the Internet. To reduce the security risk of opening so many ports to the production network, another VLAN was created for this server to sit on. However, this server still needs to access select devices on their production network, but only using 1 port. How can I allow communication from the server in the DMZ to specific devices on their production network? Is setting up Layer 4 virtual servers the only way to achieve this without completely opening the communication between the two VLANs? Is there a way that I can allow communication between the 2 networks, but restrict what devices it has access to without creating a virtual server for every device this server needs to communicate with on the production network?
Any assistance is appreciated.
How can I allow communication from the server in the DMZ to specific devices on their production network?
Just wondering if a host virtual server (i.e. a server in the production network) with a specific source setting (i.e. the DMZ server) is usable.
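The host virtual server idea from the reply above, sketched as BIG-IP tmsh commands. This is an added example, not part of the original thread: the virtual server names, VLAN name, addresses and port are constructed placeholders, and it assumes the BIG-IP has self IPs on both VLANs and is the route between them.

```tmsh
# Constructed placeholder values (not from the thread):
#   DMZ server         10.10.30.5
#   Production hosts   10.10.20.15 and 10.10.20.16
#   Allowed port       8443/tcp
#   DMZ VLAN object    vlan_dmz
#
# One forwarding (IP) virtual server per production host. Each one:
#   - matches a single destination host and port (mask 255.255.255.255)
#   - accepts connections only from the DMZ server (source .../32)
#   - listens only on the DMZ VLAN (vlans-enabled + vlans add)
#   - forwards without load balancing or address translation (ip-forward)
create ltm virtual vs_dmz_to_prod_15 destination 10.10.20.15:8443 mask 255.255.255.255 source 10.10.30.5/32 ip-protocol tcp ip-forward profiles add { fastL4 } vlans-enabled vlans add { vlan_dmz }

create ltm virtual vs_dmz_to_prod_16 destination 10.10.20.16:8443 mask 255.255.255.255 source 10.10.30.5/32 ip-protocol tcp ip-forward profiles add { fastL4 } vlans-enabled vlans add { vlan_dmz }

# Review what is listening on the DMZ VLAN. A wildcard forwarding
# virtual server (destination 0.0.0.0:any) enabled on vlan_dmz would
# open everything else between the VLANs and defeat the restriction.
list ltm virtual destination source vlans vlans-enabled ip-forward

save sys config
```

The BIG-IP drops traffic that matches no listener, so with only these virtual servers enabled on the DMZ VLAN the DMZ server reaches just the two listed hosts on the one port.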