mRyOuNg wrote:
Andreas Herrmann wrote:
Hi there,

I want to set up a gateway / firewall solution with Gentoo. The network
has the following structure:

Several hosts (host[1,...,x].domain.net) are defined within the DNS and
all of them have the same A-Record with the IP 1.2.3.4
The gateway is listening on its external network interface with the IP
1.2.3.4 and has an internal interface with a private subnet
(192.168.0.0/24). The hosts (host[1,...,x].) are addressed in this
subnet.

How can it be solved, that the gateway opens a tunnel to the special
host in the private subnet (let's say 192.168.0.3) if there is a query
for host3.domain.net?

In my opinion this cannot be done because the client queries the DNS
and simply opens the connection to the IP 1.2.3.4 and the gateway has
no hints how to decide to which internal host the tunnel should be
opened.

But this setup is possible because Microsoft ISA Server exactly does
this job!

I have no idea how to solve this. First idea was a kernel bridge
between the interfaces.

Do you have any hints for me?

Thanks a lot!

Andreas

Microsoft ISA Server is a Firewall/Proxy/Reverse-Proxy ...

So in your case, I suppose it does a reverse proxy job (not a tunneling,
just working as a web client for internal network).

I already replaced several ISA servers with GNU/Linux solutions, with the
help of Apache and its mod_proxy ... that's imho your solution.

Can this also be done for SSH and IMAP stuff?


--
. /mRyOuNg/ . [ SoundBomb . Syn[Rj] ] .

mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
web : mryoung.soundbomb.net <http://mryoung.soundbomb.net/>


--
[email protected] mailing list
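
The name-based reverse proxy suggested in the thread, sketched as an added example that is not part of the original messages: the gateway picks the internal host from the HTTP `Host` header the client sends, which is the hint a plain connection to 1.2.3.4 lacks. Assumptions: Apache 2.4 syntax with mod_proxy and mod_proxy_http loaded, plain HTTP on port 80, host2 mapping to 192.168.0.2, and the placeholder name `gateway.invalid`.

```apache
# Added example, not from the thread. Requires mod_proxy and mod_proxy_http.

# Act only as a reverse proxy. With ProxyRequests On the gateway would
# become an open forward proxy for anyone who can reach 1.2.3.4.
ProxyRequests Off

# First vhost on the address is the default: requests whose Host header
# matches none of the published names are refused instead of being
# forwarded to an arbitrary internal machine.
<VirtualHost 1.2.3.4:80>
    ServerName gateway.invalid
    <Location "/">
        Require all denied
    </Location>
</VirtualHost>

# host3.domain.net -> 192.168.0.3 (mapping taken from the question)
<VirtualHost 1.2.3.4:80>
    ServerName host3.domain.net
    # Pass the original Host header to the backend
    ProxyPreserveHost On
    ProxyPass        "/" "http://192.168.0.3/"
    # Rewrite Location headers in backend redirects to the public name
    ProxyPassReverse "/" "http://192.168.0.3/"
</VirtualHost>

# host2.domain.net -> 192.168.0.2 (assumed mapping, for illustration)
<VirtualHost 1.2.3.4:80>
    ServerName host2.domain.net
    ProxyPreserveHost On
    ProxyPass        "/" "http://192.168.0.2/"
    ProxyPassReverse "/" "http://192.168.0.2/"
</VirtualHost>
```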
