DMZ connected to DMZ switch, switch connected to router, router has interface for main branch Wollongong ( a city in NSW, AUS for those playing at home) possibly a firewall in between.
other interface has internet access and VPN channel (not sure haven't considered other WAN technologies for other departments such as Sydney, Brisbane)
thats my scenario for my group at my local college.
the hard thing is that we use computers as rotuers with 2 or more NIC cards and we kinda just simulate complex situations. not allowed to use cisco routers, as they are used by those who are doing the course and have paid.
never done a DMZ before, but im guessing you have to setup something in a firewall? don't know the steps
"Doesn't matter who they vote for, they always vote for us."
Thanks for the detail
The purpose of your DMZ is to provide an isolated zone for servers and devices that need to be accessed from the internet/outside world but also separated for security reasons from your internal network.So the first thing you're going to need, given that you're using PCs as your routers, is a PC with three NIC cards.
Having done that, you'll need to configure the operating system on the PC to allow routing between the tree cards, then configure the firewall software to allow and restrict the trafic as appropriate.
A couple of things here: First of all I'd strongly recommend that you use a dedicated PC for this - don't try to do server or other tasks on it as well, just let it be the DMZ firewall. And secondly, I'd go for one of the easy-to-use ready built firewall implementations like IPCop. I know this isn't Windows based, but if you've got any old PC lying around you can install it easily, set up is simple and you can be sure it's going to work. There is also a lot of expertise here on IPCop so you can get help if you are stuck