04-13-2020 12:16 AM
Hi! We have the following routing questions to check. This is the scenario in the environment. We have an ERP system running in the cloud, and this ERP system will need to communicate with the manufacturing system in the OT network, for example via certain ports/services or printing, and vice versa. As a best practice, we try not to pass the traffic directly through the OT FW, which isolates the IT from OT, but through the internal DMZ instead. This internal DMZ is a port on the OT FW.
How can this be done from the OT FW point of view?
cloud -> IT -> internal DMZ -> OT
OT -> internal DMZ -> IT -> cloud
cloud 10.0.1.0/24
IT 10.0.2.0/24
internal DMZ 172.16.1.x/24 <- OT FW that isolates IT from OT. One port to IT, one port to internal DMZ, and one port to OT.
OT 192.168.1.x/24
04-13-2020 06:52 PM
Hi! Does anyone have any idea on that? Thanks.
04-13-2020 06:59 PM
The OT FW:
Port1 - IT network
Port2 - Internal DMZ
Port3 - OT network
04-14-2020 06:31 AM
Hello
Can you post a simple topology diagram so we can visualize what you're trying to achieve?