Hi again!
Thanks for your quickly answers,
I think I hadn't explained enough clearly in the first mail.
The problem is the following:
I have a SINGLE public ip with an associated domain. In that host I have
a DNS server, mail server, web, etc. The important point is at the DNS.
What i'd
to a service that I absolutely trusted.
Phil
-Original Message-
From: Ramon Acedo [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Date: 13 Feb 2002 15:33:01 +0100
Subject: Re: Emulate real ip's to access intranet hosts from outside
Hi again!
Thanks for your quickly answers,
I think I
Hi,
Ramon Acedo wrote:
I'd like to have a map like this:
ftp1.mydomain.net --- 192.168.1.10
ftp2.mydomain.net --- 192.168.1.50
www1.mydomain.net --- 192.168.1.12
www2.mydomain.net --- 192.168.1.33
that´s hard, tricky and not always possible.
most protocols (e.g. ftp, telnet, http
It seems to accomplish the example you posed, you need 2 external IPs.
Say they were 1.1.1.1 and 1.1.1.2 for example. Then in DNS you could do:
ftp1 - 1.1.1.1
ftp2 - 1.1.1.2
www1 - 1.1.1.1
www2 - 1.1.1.2
And on your firewall do:
1.1.1.1 port 21 - 192.168.0.10
1.1.1.2 port 21 - 192.168.0.50
: Re: Emulate real ip's to access intranet hosts from outside
I think it is worth pointing out that port-forwarding has security
implications. If one of your services is compromised (even if it is not
running as root) the attacker now has a good amount of access to your
local/internal network. I
Hi again!
Thanks for your quickly answers,
I think I hadn't explained enough clearly in the first mail.
The problem is the following:
I have a SINGLE public ip with an associated domain. In that host I have
a DNS server, mail server, web, etc. The important point is at the DNS.
What i'd
to a service that I absolutely trusted.
Phil
-Original Message-
From: Ramon Acedo [EMAIL PROTECTED]
To: debian-security@lists.debian.org
Date: 13 Feb 2002 15:33:01 +0100
Subject: Re: Emulate real ip's to access intranet hosts from outside
Hi again!
Thanks for your quickly answers
Hi,
Ramon Acedo wrote:
I'd like to have a map like this:
ftp1.mydomain.net --- 192.168.1.10
ftp2.mydomain.net --- 192.168.1.50
www1.mydomain.net --- 192.168.1.12
www2.mydomain.net --- 192.168.1.33
that´s hard, tricky and not always possible.
most protocols (e.g. ftp, telnet, http
It seems to accomplish the example you posed, you need 2 external IPs.
Say they were 1.1.1.1 and 1.1.1.2 for example. Then in DNS you could do:
ftp1 - 1.1.1.1
ftp2 - 1.1.1.2
www1 - 1.1.1.1
www2 - 1.1.1.2
And on your firewall do:
1.1.1.1 port 21 - 192.168.0.10
1.1.1.2 port 21 - 192.168.0.50
@lists.debian.org
Subject: Re: Emulate real ip's to access intranet hosts from outside
I think it is worth pointing out that port-forwarding has security
implications. If one of your services is compromised (even if it is not
running as root) the attacker now has a good amount of access to your
local/internal
-Original Message-
From: Ramon Acedo [EMAIL PROTECTED]
Date: Sun, 10 Feb 2002 23:39:20 +0100
Subject: Emulate real ip's to access intranet hosts from outside
---snip-
I just want that when someone try to access to host1.mydomain.net
from the
internet my firewall (and dns server)
-Original Message-
From: Ramon Acedo [EMAIL PROTECTED]
Date: Sun, 10 Feb 2002 23:39:20 +0100
Subject: Emulate real ip's to access intranet hosts from outside
---snip-
I just want that when someone try to access to host1.mydomain.net
from the
internet my firewall (and dns server)
* Ramon Acedo ([EMAIL PROTECTED]) [020210 14:43]:
I just want that when someone try to access to host1.mydomain.net from the
internet my firewall (and dns server)
forward the request to host1.local which has the private ip 192.168.1.20.
I've thought about this problem, but I don't think
13 matches
Mail list logo