Tom Eastep wrote: > Diego Rivera wrote: >> Also, you might want to look into Bind 9 and DNS Zones - that's how I >> solved my problem. The external users see one IP address for a >> particular domain name - the public one -, and the internal users see >> another IP (private) for the same server. Thus, they learn to call >> things "by their right name", and leave it to us geeky engineer IT über >> god guys to do the magic. >> > > I believe that the OP mentioned that in this particular instance, the > application registers it's *IP Address* with an external server. If so, > a DNS solution isn't appropriate in this case. > > In any efent, I would still prefer to see the application server placed > on a separate LAN (dmz) so that: > > a) It is isolated from the local hosts in the event that it is hacked; and > > b) When local clients connect to the application, the SOURCE IP will be > the host's address as opposed to that of the firewall. > > -Tom
It is indeed unfortunately working from the IP address and not the hostname. We do already have split DNS but that won't work for this particular problem. Thanks for the pointer to the FAQ. I did scan over the topics there quickly before, but the heading didn't jump out at me. I've implemented the hack however now there's another problem the application's designers will have to be consulted on. There's always something to be fixed here. I will be creating a dmz for this as soon as I get time to fiddle some more. Thanks for the help Matt ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
