On 14 May 2006 at 13:10, Ben Kamen wrote:
> Not really. I have multiple machines with multiple services being a single
> public IP. The trick is to
> make sure the ports are different. I use a Netscreen 5XP and it handles this
> method (port based mapping)
> as well as a full IP to IP mapping just fine.
If you are limited to a single public IP, you can't do much with the
DNS tricks mentioned. Every access to your public IP at port 25 (for
example) has to be routed to the same machine behind the firewall,
since the firewall can't know what DNS name the packet was originally
destined for. So, you can't separate things like "A" and "MX".
You *could* pull some tricks with port 80 if the firewall looked at
host header names in the request packets, but I don't know of any that
do this, since every web server has this capability.
--
Jeff Rife |
| http://www.nabs.net/Cartoons/Dilbert/TechBigot.gif
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
