Diego Rivera wrote: > Also, you might want to look into Bind 9 and DNS Zones - that's how I > solved my problem. The external users see one IP address for a > particular domain name - the public one -, and the internal users see > another IP (private) for the same server. Thus, they learn to call > things "by their right name", and leave it to us geeky engineer IT über > god guys to do the magic. >
I believe that the OP mentioned that in this particular instance, the application registers it's *IP Address* with an external server. If so, a DNS solution isn't appropriate in this case. In any efent, I would still prefer to see the application server placed on a separate LAN (dmz) so that: a) It is isolated from the local hosts in the event that it is hacked; and b) When local clients connect to the application, the SOURCE IP will be the host's address as opposed to that of the firewall. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
