Re: FireboxII: Cannot reach external IP adresses on my network from behind the firewall...

From: Leythos (void@nowhere.com)
Date: 09/20/02 

From: Leythos <void@nowhere.com>
Date: Fri, 20 Sep 2002 00:53:25 GMT

In article <1032291172.463452@yasure>, aaron@dctechservices.com says...
> Hi,
>
> I have a strange situation with my fireboxII. I have tried in default
> configuration as well as with my necissary rules, and the results are the
> same:
>
> Workstations on the local network cannot get to the nat translated services
> via the external port on the firewall. I need to allow my workstations to
> access a pop3 server behind the firewall (workstations are behind it as
> well) on the external IP as opposed to the internal adress on the mail
> server. We also do web development and host a number of websites with
> virtual hosting via host name aliasing on the server. All the sites reside
> on the same ip, but are diferentiated by the host address name.
> Both of these services work fine to the outside world, they access the
> external ip of the firewall, which routes to the mail or web server via nat,
> but from a workstation inside, the external IP cannot be found.
>
> Is there a rule I can setup to allow this?

Aaron,

You can do several things - you can setup your own internal DNS server,
add the internal sites to it, and make the internal DNS server the first
in the list (assuming your are using DHCP this should be easy). You
could also add a HOST file entry for the internal sites to every
machine.

While the HOST file entry is easy, it's time consuming to push it to
every machine on the network.

In my development center I have 4 servers, some with as many as 8 IP's
assigned to each NIC, and host ROOT and Virtual sites on each system. I
use dedicated IP's for each site VD or ROOT with public NAT mappings to
each. I have a master page that redirects the users, if external, to the
external IP, and if internal to the internal IP. This means that any
developer / client can reach the PUBLIC page, see the sites, and click
on the link. The IP shown on the page is based on the users IP, if it's
not 192.X.X.X then I give the public IP, if it's 192.X.X.X then I return
the private IP.

We also run host files and DNS...... 

-- 
--
Leythos999@columbus.rr.com
(Remove 999 to reply to me)

Relevant Pages

  • Re: SETUP whole new system
    ... I have no control on the DNS or the MX records. ... $ host -t mx UMontreal.CA ... All the workstations should send mail ... I have no control on server ...
    (comp.mail.sendmail)
  • FireboxII: Cannot reach external IP adresses on my network from behind the firewall...
    ... configuration as well as with my necissary rules, ... Workstations on the local network cannot get to the nat translated services ... access a pop3 server behind the firewall (workstations are behind it as ... virtual hosting via host name aliasing on the server. ...
    (comp.security.firewalls)
  • RE: Exchange on Small Business Server Disconnected Clients
    ... workstations and the SBS. ... You said you changed the Host. ... and host necessitated updating 4 of 5 clients on a small network last Friday. ... error message 0x8004011D, server not available. ...
    (microsoft.public.exchange.connectivity)
  • RE: HELP! Publishing Errors :-(
    ... not to be don on Windows 2000 / FrontPage 2002 whic is ... My host STILL INISTS it is not a server side issue but I ... workstations reciently ran the autoupdate from the MS ...
    (microsoft.public.frontpage.extensions.windowsnt)
  • Re: SBS 2003 Misconfigured?
    ... up one of the workstations via remote web connection, ... but why are you looking at the server rather than the workstation? ... (this will show you the DHCP lease info). ... The Netgear, or whatever you use as your gateway to get out to the Internet. ...
    (microsoft.public.windows.server.sbs)
Quantcast