Re: Need assistance w/ Checkpoint NG, URL based redirection
From: spivver (spivver_at_spivver.net)
Date: 01/09/04
- Next message: David Hunt: "Remote Desktop access w/IP Cop"
- Previous message: MyndPhlyp: "Re: Linksys BEFSX41 problems"
- In reply to: zenner: "Re: Need assistance w/ Checkpoint NG, URL based redirection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 9 Jan 2004 08:10:30 -0800
I think so, but I have no idea how to do it, and I can't find anywhere
on the web that explains how!
I am currently using HTTP mapping, for example, a service Other, IP
protocol 6, with the Match field filled in as:
SRV_REDIRECT(80,192.168.1.10,8080)
Where users who hit the external IP of my firewall on port 80 redirect
to my internal server at 192.168.1.10, port 8080.
Have another Other service defined as:
SRV_REDIRECT(443,192.168.1.10,443)
for SSL to that same server.
Then I have another defined like this:
SRV_REDIRECT(81,192.168.1.11,80)
And I have users browse to mail.host.com:81 to access this other
webserver. Which sucks, I have to specify a port number in the link
to people.
I thought there was a way I could have everyone browse to
mail.host.com, web1.host.com, web2.host.com, all pointing to the same
IP (the external IP of my firewall) and the firewall can then, based
on the host portion of the URL, redirect to the appropriate internal
IP/port.
Can this be done? I can't find anywhere where it's documented how,
but I'm told by people it can.
"zenner" <zenner@pacbell.net> wrote in message news:<j2hLb.8318$CS7.3288@newssvr25.news.prodigy.com>...
> Did you read, research the UFP/URI "match" commands?
>
> Not sure if that is what you are looking for?
>
>
> "spivver" <spivver@spivver.net> wrote in message
> news:a63abea1.0401071938.45e66476@posting.google.com...
> : Help! I am under the impression there is a way within Checkpoint to
> : redirect incoming requests to the Firewall's external IP to different
> : internal web servers based on the host portion of the URL string. In
> : my particular situation, I have different internal webservers hidden
> : by NAT with Checkpoint behind one single public IP address. I want to
> : assign various hosts (mail.host.com, web1.host.com, web2.host.com) to
> : my public IP address, then when the incoming http request hits the
> : firewall, Checkpoint should see the host string and know mail.host.com
> : redirects to internal IP 1, web1.host.com to internal IP 2,
> : web2.host.com to internal IP 3, etc, etc. I believe this can be done
> : (am I right?) and if so, how??
> :
> : Thanks in advance!
> : Pete
>
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.558 / Virus Database: 350 - Release Date: 1/2/2004
- Next message: David Hunt: "Remote Desktop access w/IP Cop"
- Previous message: MyndPhlyp: "Re: Linksys BEFSX41 problems"
- In reply to: zenner: "Re: Need assistance w/ Checkpoint NG, URL based redirection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
