here is what I understood:
"... web server on my private network that are accessible through the
firewall by
using one to one NAT" for me means that
- the webserver is in the private network
- external clients are allowed to access it
- for this, they connect to a public address which the router/FW redirects
to the server.
in other words (sorry for the "over-clarifification", but it's t make sure
we're talking
about the same thing):
the webserver's address is 10.2.0.80, and a public address 9.8.7.6 is used
to access it from the outside.
a client 1.2.3.4 connects to 9.8.7.6. the gateway redirects the request to
10.2.0.80 _without_ changing
the client's address. so it's NAT-in, not NAT-out.
if it's not that, then yes, forget all what I said!
cheers,
mouss
At 09:00 23/10/00 +0930, Ben Nagy wrote:
>You've got yourself muddled somewhere. When the packet is heading from the
>WWW server to the NAT'ed address of the outside host, 10.2.0.80 (in your
>example) _is_ the destination.
>
>Ah! I see what you've done - I'm talking here about NATing the _source_ of
>the packet, right? In other words say the external client is 1.2.3.4, OK?
>And say that this request has come in from ISP2. In the config I'm talking
>about the address of the external client (1.2.3.4) is NAT'ed to 10.2.80.0.
>This means that when the server responds normal routing will take care of
>the rest - the router knows to reach 10.2.x.x through ISP2.
>
>Hope that makes more sense - drop me a line OOB if it doesn't.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
