Re: NAT and firewall question

From: OneSolution (onesolution_at_sbcglobal.net)
Date: 04/28/04


Date: Wed, 28 Apr 2004 08:07:46 GMT

Ok guys, let me clarify.

First of all, from within my private network, the laptop will request a
domain name, let's call it Foo.Bar.com. Foo.Bar.com has been associated in
the DNS of my provider to point to my firewall, which has the public IP
address. The firewall has been instructed to forward IMAP and HTTP ports to
servers within the private network. So the laptop and the servers are on
the same side of the network.

Now ... the laptop, as I stated, requests Foo.Bar.com, and Foo.Bar.com
points to the firewall, and you would think that regardless of where you ask
for Foo.Bar.com, when the firewall gets the request, it would just forward
the packets onto the appropriate host.

However, when the request for Foo.Bar.com comes from within the private
network, it seems that the NAT doesn't happen and the stupid firewall sits
there not knowing where to send the packets.

When the request comes from outside the private network, then the firewall
NAT rules kick in and the servers get their packets.

So that's the problem - not DHCP at all. How do I get my firewall to
forward packets to the designated servers regardless of where the packets
are coming from?

Fundamentally, I think the reason for the problem is that the NAT rules only
apply to incoming packets, with outgoing packets never having the rules
applied to them. So if there is a way for me to make the outgoing packets
have to go through the NAT rules, then it would be possible for my problem
to disappear.

Clues????

Thanks,

-Z-

"OneSolution" <onesolution@sbcglobal.net> wrote in message
news:OFzjc.2604$au.120@newssvr23.news.prodigy.com...
> I have set up my network so that there is a firewall with NAT enabled. Web
> and IMAP are forwarded by the firewall to a server. The firewall has a
> public IP address and a DNS entry from the outside world, so when people
> connect to that outside IP or public name, from the outside world, their
> requests get routed properly to the web server, or the IMAP server.
>
> The people within the office have laptops. If I configure their laptop IMAP
> or pop3 clients to use the internal private IP address, then when they go
> home, they can't use those configured accounts as the IP is private, but it
> works great within the office. If I configure the laptops with the public
> IP and/or DNS entry, then they can check mail and stuff from home, but not
> from within the office.
>
> How do I set it up so that I can have their laptops configured to work
> within the network, and from outside the network without having to create
> multiple mail accounts on their laptops?
>
> Thanks a lot,
> - Z -
>
>
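
Added example, not part of the original post: a small Python model of the traffic described above, comparing a request for the public address that arrives from outside with one that arrives from the private network. The addresses, the interface names "wan" and "lan", and the rule model are assumptions constructed for illustration, the laptop and server are assumed to share one subnet, and no particular firewall product is modelled.

```python
from dataclasses import dataclass, replace

# Constructed addresses (assumptions; the post gives none).
PUBLIC_IP = "203.0.113.10"    # firewall's public address, what Foo.Bar.com resolves to
FW_LAN_IP = "192.168.1.1"     # firewall's private-side address
SERVER_IP = "192.168.1.20"    # internal IMAP/HTTP server
LAPTOP_IP = "192.168.1.50"    # laptop inside the office
OUTSIDE_IP = "198.51.100.7"   # laptop at home
LAN_PREFIX = "192.168.1."
FORWARDED_PORTS = (80, 143)   # HTTP and IMAP

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int

def firewall(pkt, in_iface, dnat_ifaces, hairpin_snat):
    """Apply the port forward; return the rewritten packet or None if no rule matched."""
    if (pkt.dst != PUBLIC_IP or pkt.dport not in FORWARDED_PORTS
            or in_iface not in dnat_ifaces):
        return None
    out = replace(pkt, dst=SERVER_IP)              # destination NAT
    if hairpin_snat and in_iface == "lan":
        out = replace(out, src=FW_LAN_IP)          # also rewrite the source
    return out

def reply_source(fwd):
    """Source address the client sees on the server's reply."""
    # A reply to a same-subnet host is delivered directly and never crosses
    # the firewall, so nothing restores the public address on it.
    direct = fwd.src.startswith(LAN_PREFIX) and fwd.src != FW_LAN_IP
    return SERVER_IP if direct else PUBLIC_IP

def connect(client_ip, in_iface, dnat_ifaces=("wan",), hairpin_snat=False, dport=143):
    request = Packet(client_ip, PUBLIC_IP, dport)
    fwd = firewall(request, in_iface, dnat_ifaces, hairpin_snat)
    if fwd is None:
        return "no forward rule matched"
    seen = reply_source(fwd)
    # The client only accepts a reply from the address it connected to.
    return "connected" if seen == request.dst else f"reply from {seen} ignored by client"

if __name__ == "__main__":
    print("from home:            ", connect(OUTSIDE_IP, "wan"))
    print("office, WAN-only rule:", connect(LAPTOP_IP, "lan"))
    print("office, rule on LAN:  ", connect(LAPTOP_IP, "lan", ("wan", "lan")))
    print("office, rule + SNAT:  ", connect(LAPTOP_IP, "lan", ("wan", "lan"), True))
```

In this model, applying the forward rule to LAN-side traffic is not enough on its own: the connection completes only when the firewall also rewrites the source address, so that the server's reply returns through the firewall.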


