RE: firewall setup
From: MARTIN M. Bénoni (benoni_martin_at_hotmail.com)
Date: 07/08/04
- Previous message: Dave Dearinger: "Re: firewall setup"
- Maybe in reply to: Ognen Duzlevski: "firewall setup"
- Next in thread: Nelson Santos: "Re: firewall setup"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: maketo@sdf.lonestar.org Date: Thu, 08 Jul 2004 14:17:28 +0000
That's quite simple and well-known: NAT! :) Well not really raw NAT:
Process this:
1- Check your 3 boxes have the FW as their GW (assuming internal FW's NIC
and the 3 boxes' NICs are on the same LAN).
2- On The FW, set at least 3 rules:
- Request to firewall.x.edu:3333, redirection to machine A.
- Request to firewall.x.edu:4444, redirection to machine B.
- Request to firewall.x.edu:5555, redirection to machine C.
And that's it! the only constraint is that to acces to machine A from
outside, you will have to enter smth like http://firewall.x.edu:3333 or ftp
-n firewall.x.edu:3333 or whatever...
Hope this helps...or drop me another mail!
>From: Ognen Duzlevski <maketo@sdf.lonestar.org>
>To: securityfocus <security-basics@securityfocus.com>
>Subject: firewall setup
>Date: Wed, 7 Jul 2004 14:33:16 +0000 (UTC)
>
>Hi, I have a basic question:
>
>we have several boxes with unique public IP addresses which are part of a
>big .edu namespace. I would like to put these machines behind one single
>firewall and still keep their names. Is it possible to have all names point
>to the firewall machine and then have the firewall direct the specific
>request to a specific box behind it?
>
>So, if F is firewall.x.edu and I have A.x.edu, B.x.edu and C.x.edu I want
>to have A, B and C behind F. A, B and C should now point to F and F will
>direct all outside requests to A, B or C based on the name.
>
>Thanks,
>Ognen
>
>
>---------------------------------------------------------------------------
>Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
>any course! All of our class sizes are guaranteed to be 10 students or less
>to facilitate one-on-one interaction with one of our expert instructors.
>Attend a course taught by an expert instructor with years of in-the-field
>pen testing experience in our state of the art hacking lab. Master the
>skills of an Ethical Hacker to better assess the security of your
>organization. Visit us at:
>http://www.infosecinstitute.com/courses/ethical_hacking_training.html
>----------------------------------------------------------------------------
>
_________________________________________________________________
MSN 8 with e-mail virus protection service: 2 months FREE*
http://join.msn.com/?page=features/virus
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
- Previous message: Dave Dearinger: "Re: firewall setup"
- Maybe in reply to: Ognen Duzlevski: "firewall setup"
- Next in thread: Nelson Santos: "Re: firewall setup"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
