Re: Real IP's
From: Rex (cwinter_at_hotmail.com)
Date: Sat, 18 Oct 2003 09:23:15 -0230
That is what I'm looking at doing. I have my router/firewall box ready with
However, there are a few problems.
I run several different web servers, several ftp servers, several mail
I cannot see how I can use the 192.168.0.0 IP range and then use port
forwarding to the different servers???
>From what I've read it can not be done when you have several of the same
servers. ie. Four web servers.
I don't need to do any port forwarding to my local lan.
I do however want to run a dhcp server for my local lan and I'm not exactly
sure how this will interact with my router/firewall????
Any insight would be appreciated.
"Todd Jones" <email@example.com> wrote in message
> I'm not sure if this is exactly what you are looking for, but it may be
> what you want. Otherwise, you'll need to give further information, but
> I'll give it a try.
> First, I'm assuming you have servers (http, smtp) which serve incoming
> connections from the internet. Therefore, I would place these servers
> on a DMZ. How you configure your DMZ is up to you, but the two most
> common methods is to do port forwarding onto some other network (not
> internal and not internet), or to assign the actual IP addresses to the
> boxes on the dmz and assign routes to each box. For this task, the most
> common way to do this with hardware is with three network cards
> (Internet, DMZ, LAN).
> Iptables masquerades your lan traffic for you.
> It sounds from your message below that your are considering port
> forwarding to your lan. This is generally seen as a bad idea.
> Todd Jones
> Rex wrote:
> > I'm re-doing our firewall at work and here's my situation.
> > I'm running multiple servers with several different servers running
> > duplicate services ie: http, smtp, etc.
> > I'll be doing a iptables based firewall/router, my question is...
> > 1. I can't use private ip's (192.168.0.x) and port forward, so how
> > forward/masq my real ip's??
> > 2. What tools work well ??
> > Thanks