Results 1 to 4 of 4
Well, good day all.
Let me explain the situation.
h-ttp://dl.dropbox.com/u/712072/Drawing1.jpg
in the image here above you see there is a proxy from school. Behind that its me with my own ...
- 11-02-2010 #1Just Joined!
- Join Date
- Sep 2010
- Posts
- 9
DMZ not working
Well, good day all.
Let me explain the situation.
h-ttp://dl.dropbox.com/u/712072/Drawing1.jpg
in the image here above you see there is a proxy from school. Behind that its me with my own proxy/router (just trying something’s out..). Behind that proxy you see a linux web and mail server.
Allso the active directory is connected to the proxy.
The problem I’m facing is the following. Internal, so with my windows XP client, I can connect to the webserver. So from ip adres 10.1.1.4 I can connect to 10.1.1.28. The point is that someone from the outside has to connect tot the internal internet site as well. But everything I do, I just can get is to work. I’ve tried masquerading networks in the firewall settings and I also followed this: h-ttp://forums.opensuse.org/english/get-help-here/network-internet/440956-block-all-ports-but-port-80-iptables-dmz.html
Is there a other option? Did I do something wrong??
- Bas
- 11-03-2010 #2Just Joined!
- Join Date
- Feb 2005
- Posts
- 4
Are there any options in the firewall/routing configuration for "Port Forwarding" or similar? What kind of equipment is being used?
What you want to do is forward the port required (80 for http) to the IP address of the server.
- 11-03-2010 #3Just Joined!
- Join Date
- Nov 2009
- Posts
- 53
From your picture, you are not showing all the IP Addresses involved...
From the "outside", the first thing you will need is an address of the Web Service.
How are you doing that? Do you have a resolvable Domain Name that is available to the outside world or do you provide some other means for outsiders to connect to your school?
Once I can connect to your Proxy, configure it to forward the incoming connect request to the Web Box.
- 11-03-2010 #4Just Joined!
- Join Date
- Feb 2005
- Posts
- 4
Well, a www address resolvable to an IP doesn't matter, you can still access the network using the external IP address.
Bas mentions the use of a firewall. Is the firewall a standalone machine/equipment or integrated into the proxy? It should be really.
If it is seperate from the proxy then you would have your DMZ connected to one port on a router, while the internal network would be connected to another. But thats an ideal scenario. If everything goes through the proxy server and there is a firewall then as void said, you would have to forward port 80 from firewall to proxy, from proxy to DMZ.
Need more info to resolve this issue Bas.
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts