.. sorry. Clicked on "reply" button ... 2010/11/10 Juergen Northe <juergen.nor...@googlemail.com>: > Hello Erich, > afaik DNAT implies the corresponding ACCEPT rule but to be sure I > added the correspondig ACCEPT rule. > > I also thought to simply add a 'hosts' entry for 192.168.146.2 to > "redirect" the users of the dmz to the webserver in the local net > because only 2 XP clients need this service. > > But: > 192.168.146.2 has two different fqdn each for the special web server ( > web1.domain.com and web2.domain.com, with certificates ) > so https://web1.domain.com -> 192.168.146.2:443 > and https://web2.domain.com -> 192.168.146.2:443 and not > 192.168.146.2:444. Unfortunatly https://web2.domain.com:444 is not > accepted by the webserver :-( > > I wonder why my test scenario worked for one host. > > In the polcy file I added the ULOG but got no messages. > > > 2010/11/10 Erich Titl <erich.t...@think.ch>: >> Ooops >> >> at 10.11.2010 15:06, Juergen Northe wrote: >>> Hello ! >> .... >> >>> >>> Nothing special. This works perfect. >>> >>> Now I want users located in the dmz be able to connect these >>> webservers too and added the follwing rules to the exising ones: >>> >>> DNAT dmz loc:192.168.146.2:443 tcp 443 - 123.123.123.1 >>> DNAT dmz loc:192.168.146.2:444 tcp 443 - 123.123.123.2 >> >> No need, the users in the DMZ need not pass through the firewall. I >> guess you have to look into DNS and split view. Also you cannot redirect >> anything if you don't pass through a firewall. >> >> cheers >> >> Erich >> >> >> ------------------------------------------------------------------------------ >> The Next 800 Companies to Lead America's Growth: New Video Whitepaper >> David G. Thomson, author of the best-selling book "Blueprint to a >> Billion" shares his insights and actions to help propel your >> business during the next growth cycle. Listen Now! >> http://p.sf.net/sfu/SAP-dev2dev >> ------------------------------------------------------------------------ >> leaf-user mailing list: leaf-user@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/leaf-user >> Support Request -- http://leaf-project.org/ >> >> > > > > -- > > > > mit freundlichem Gruss > Jürgen Northe >
-- mit freundlichem Gruss Jürgen Northe ------------------------------------------------------------------------------ The Next 800 Companies to Lead America's Growth: New Video Whitepaper David G. Thomson, author of the best-selling book "Blueprint to a Billion" shares his insights and actions to help propel your business during the next growth cycle. Listen Now! http://p.sf.net/sfu/SAP-dev2dev ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
