1 person found this helpful
The normal set up would be:
Consumer (On Internet) -> (FW / Load Balancer) -> OEG / API Gateway -> Firewall (with specific opening to the web service) -> Internal Network with the Web Service.
Where I work we did from the beginning allowed any consumer to connect from within the Internal Network to the API Gateway but due to specific needs (Different AD Domains depending on where the consumer are located) we actually have double of everything, 2 Production API Gateways(Load balanced) on the internal and two in DMZ.
Thanks so much for your reply.
We have passed the above details to our infrastructure team.