Date: Wed, 28 Jul 1999 08:33:23 -0400 (EDT) From: Dan Simoes <dans@deva.iclick.com> To: brian@FreeBSD.org.uk (Brian Somers) Cc: brian@FreeBSD.org.uk (Brian Somers), dans@iclick.com (Dan Simoes), freebsd-questions@FreeBSD.ORG (freebsd-questions@FreeBSD.ORG) Subject: Re: setting up redirects with natd/firewall Message-ID: <199907281233.IAA02865@deva.iclick.com> In-Reply-To: <199907281155.MAA01940@keep.lan.Awfulhak.org> from "Brian Somers" at Jul 28, 1999 12:55:32 PM
next in thread | previous in thread | raw e-mail | index | archive | help
> Natd should be run on the interface with address A.B.C.D. It does > the redirect_port on the primary address by default. If you have > more than one web server, you'll need to run natd on a multi-homed > interface and do something like > > redirect_port tcp 192.168.100.A:80 A.B.C.D:80 > redirect_port tcp 192.168.100.B:80 E.F.G.H:80 > > where A.B.C.D and E.F.G.H are your external addresses. I think the letters are getting confusing. Say I have two web servers with addresses of 199.1.1.1 and 199.1.1.2 which are in DNS as web1 and web2. I want to place them behind the firewall, so I readdress them as 192.168.100.1 and 192.168.100.2, private side addresses. On the outside, DNS still lists web1 and web2 with public side addresses. I want to direct queries through the firewall for those hosts, but I need to either change DNS so web1 and web2 point to the firewall's public side interface, or run multiple interfaces (virtual IPs?) on the firewall so those IPs are publicly visible. I don't think redirect_port will do this, correct? -- Dan Simoes mail:dans@iclick.com iClick web:www.iclick.com 410 Saw Mill River Road LL 135 voice: 914.693.0837 Ardsley, NY 10502 fax:914.693.1055 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199907281233.IAA02865>