Scenario:
A web server is located in a DMZ (De-Militarized Zone) and has an official IP (LAN without NAT). Classic routing is used (see Section 10.7.1, „Classic Routing“).
The router of the provider has the IP 88.89.90.1, the external IP of the Intra2net system is 88.89.90.2 (network mask 255.255.255.252).
The DMZ uses the network 88.89.90.4/255.255.255.252 (30 bit network with 4 IPs), the Intra2net system has the IP 88.89.90.5, the web server 88.89.90.6
Access to TCP ports 80 and 443 (predefined services http and https) of the web server is permitted from the Internet.
The clients from the LAN have full access to the web server
The clients from the LAN may only access the Internet via the proxy, email is only possible via the Intra2net system
The web server only has access to TCP port 3306 of a database server (IP 192.168.1.40) in the LAN.
The web server may use the DNS and SMTP services of the Intra2net system.