The basic rule of the GNAT Box is that any access that is not explicitly allowed is denied.
For each of the tunnels that you set up you either need to check the "filter" box (if everyone on the Internet is allowed access) or create a filter rule to allow access. >From my original message: > If you want to allow the entire Internet to access the webservers, > then you can check the "filter" box when you create the tunnels. > Otherwise, you will need to create filters that control access to > ports 21, 80, and 443 (or whatever ports you created tunnels for) > on the GNAT Box EXT address and aliases. Mike Burden Lynk Systems (616)532-4985 [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Steve Parker Sent: Thursday, July 27, 2000 4:35 PM To: 'Michael W. Burden' Cc: [EMAIL PROTECTED] Subject: RE: newbie question --------------------- Attention ----------------------------- Online GNAT Box User Forum is Now Open Click the Register link and sign up today http://www.gnatbox.com/cgi-bin/Ultimate.cgi ------------------------------------------------------------- Send postings to: [EMAIL PROTECTED] Access the list archives at: http://www.gnatbox.com/gb-users/ ------------------------------------------------------------- Thanks a lot for the help. I did everything you said, but I have a warning message on my inbound tunnels that states that every tunnel that I have set up is denyed by all remote access filters. And I can't find anything on the remote access filters section that is denying all the inbound tunnels. I haven't added anything except for adding the remote access object that I have to. Steve Parker Senior Systems Administrator USdata1 248-668-9777 office [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Michael W. Burden Sent: Tuesday, 25 July, 2000 11:05 To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: newbie question --------------------- Attention ----------------------------- Online GNAT Box User Forum is Now Open Click the Register link and sign up today http://www.gnatbox.com/cgi-bin/Ultimate.cgi ------------------------------------------------------------- Send postings to: [EMAIL PROTECTED] Access the list archives at: http://www.gnatbox.com/gb-users/ ------------------------------------------------------------- It's pretty straightforward. Each of your webservers will have its own address on the PSN (DMZ). The EXT address of the GNAT Box will have tunnels to connect the ports for the services you want to provide (probably something like 21, 80, and 443) to the primary webserver. For each additional webserver you will create an alias on the EXT interface, create tunnels to connect the ports for the services to the webservers, and create a static mapping from the webserver back to the alias. If you want to allow the entire Internet to access the webservers, then you can check the "filter" box when you create the tunnels. Otherwise, you will need to create filters that control access to ports 21, 80, and 443 (or whatever ports you created tunnels for) on the GNAT Box EXT address and aliases. For email, I would suggest using the SMTP proxy. Fill in the form under "Authorization/Email Proxy", and list all of the domains that you want to receive email for in the "Domain(s) to Accept" field. Any SMTP connection to the GNAT Box EXT address will be proxied to your email server (as long as the domain matches one of the domains that you list - this prevents spammers from bouncing email off your email server). You can cut down on the amount of spam you receive by enabling more of the Realtime Blackhole List (RBL) servers, but be aware that orb has been known to be a little overzealous at trying to block spam, and sometimes blocks legitimate email. Mike Burden Lynk Systems (616)532-4985 [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Steve Parker Sent: Tuesday, July 25, 2000 10:01 AM To: [EMAIL PROTECTED] Subject: newbie question --------------------- Attention ----------------------------- Online GNAT Box User Forum is Now Open Click the Register link and sign up today http://www.gnatbox.com/cgi-bin/Ultimate.cgi ------------------------------------------------------------- Send postings to: [EMAIL PROTECTED] Access the list archives at: http://www.gnatbox.com/gb-users/ ------------------------------------------------------------- We are an ISP and I am trying to find the best way to configure my GB-100 with my web servers and e-mail servers. I want to put the web and e-mail servers on the PSN interface. What I would like is any help on configuring it for all the IP addresses that I am going to need for all the web sites that we host. I'm having some difficulty in trying to find out exactly how to do that in the GB manual. Any help from you guys would be greatly appreciated. Thanks. Steve Parker Senior Systems Administrator USdata1 248-668-9777 office [EMAIL PROTECTED] ---------------------------------------------- To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe gb-users your_email_address in the body of the message ---------------------------------------------- To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe gb-users your_email_address in the body of the message ---------------------------------------------- To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe gb-users your_email_address in the body of the message
