Re: [fw-wiz] Access to firewalled server via dhcp'd internet connection



There's a number of sites that provide Dynamic DNS for situations just
like yours. However, I would contact your local broadband ISPs first
and see if they have a business class solution, or just flat out ask
if you can pay extra for a static IP. I ended up going with Speakeasy
for my home broadband for exactly that reason. Also, something to
consider, when you do pick a broadband provider, find out what ports
they block. I know there was a recent flap in my area because Comcast,
in their infinite wisdom, decided to not just block things like port
80/443/21 inbound, but also SSH and some of the ports things like
OpenVPN use. Obviously, with some trial and error you can pick an
inbound port they arent filtering on, but for f**ks sake, they should
just let you use your broadband for what you want to do with it.

On 4/7/06, Jim Seymour <jseymour@xxxxxxxxxxx> wrote:

"Paul D. Robertson" <paul@xxxxxxxxxxxx> wrote:

On Thu, 6 Apr 2006, Michael wrote:

How do I access my server through my firewall with a sourced dynamic IP
address????

1. Open the firewall.
2. Get on 6bone if your firewall supports IPv6 and get a block of
addresses, use a v4-v6 gateway and statically assign a v6 address.
3. Use a proxy at a fixed address- such as a VPS at a hosting provider..
4. Port knocking.

5. Even most cable companies and ILECs offer something resembling
"business class" broadband. While generally not up to the standards
most experienced network professionals would truly regard as
"business class," they do provide a more-or-less "static" IP address
assignment. You can look to paying $80 - $100 per month, last I
checked.

Jim
--
Note: My mail server employs *very* aggressive anti-spam
filtering. If you reply to this email and your email is
rejected, please accept my apologies and let me know via my
web form at <http://jimsun.linxnet.com/scform.php>.
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxx
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxx
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • Re: VPN problems
    ... But assuming you want to let people at the office access something else through the VPN tunnel, your easiest method is to set up one Linux box as a router so that everyone's traffic passes through that box and out. ... Anyway, you shouldn't be letting people with Macs connect directly to broadband - and certainly not people with Windows - especially in your case, you should assume the broadband connection is full of evil hackers and worms. ... Only protocols on top of UDP and TCP/IP have ports. ... One of the nice things with OpenVPN is that it uses UDP and so you can easily change the port if you want. ...
    (comp.os.linux.networking)
  • Re: BT Broadband - Port 25
    ... information about whether BT Broadband intercepts port 25 traffic. ... proxies outgoing port 25 connections destined for servers beyond BT's ... Why would you not want to use an independent mail service? ... though I have yet to get it to use the default account properly. ...
    (uk.telecom.broadband)
  • Re: technical query
    ... I am using Sky Broadband, and want to run Apache on my pc. ... I have configured the netgear router to forward port 88 to the ...
    (uk.telecom.broadband)
  • Re: BT Broadband - Port 25
    ... information about whether BT Broadband intercepts port 25 traffic. ... proxies outgoing port 25 connections destined for servers beyond BT's ... Why would you not want to use an independent mail service? ... though I have yet to get it to use the default account properly. ...
    (uk.telecom.broadband)
  • Re: BT Broadband - Port 25
    ... information about whether BT Broadband intercepts port 25 traffic. ... proxies outgoing port 25 connections destined for servers beyond BT's ... Why would you not want to use an independent mail service? ... though I have yet to get it to use the default account properly. ...
    (uk.telecom.broadband)