Security Basics mailing list archives

RE: firewall setup

From: "MARTIN M. Bénoni" <benoni_martin () hotmail com>
Date: Thu, 08 Jul 2004 14:17:28 +0000

That's quite simple and well-known: NAT! :) Well not really raw NAT:
Process this:

1- Check your 3 boxes have the FW as their GW (assuming internal FW's NICand the 3 boxes' NICs are on the same LAN).


2- On The FW, set at least 3 rules:
     - Request to firewall.x.edu:3333, redirection to machine A.
     - Request to firewall.x.edu:4444, redirection to machine B.
     - Request to firewall.x.edu:5555, redirection to machine C.

And that's it! the only constraint is that to acces to machine A fromoutside, you will have to enter smth like http://firewall.x.edu:3333 or ftp-n firewall.x.edu:3333 or whatever...


Hope this helps...or drop me another mail!

From: Ognen Duzlevski <maketo () sdf lonestar org>
To: securityfocus <security-basics () securityfocus com>
Subject: firewall setup
Date: Wed, 7 Jul 2004 14:33:16 +0000 (UTC)

Hi, I have a basic question:
we have several boxes with unique public IP addresses which are part of abig .edu namespace. I would like to put these machines behind one singlefirewall and still keep their names. Is it possible to have all names pointto the firewall machine and then have the firewall direct the specificrequest to a specific box behind it?
So, if F is firewall.x.edu and I have A.x.edu, B.x.edu and C.x.edu I wantto have A, B and C behind F. A, B and C should now point to F and F willdirect all outside requests to A, B or C based on the name.
Thanks,
Ognen


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 offany course! All of our class sizes are guaranteed to be 10 students or lessto facilitate one-on-one interaction with one of our expert instructors.Attend a course taught by an expert instructor with years of in-the-fieldpen testing experience in our state of the art hacking lab. Master theskills of an Ethical Hacker to better assess the security of yourorganization. Visit us at:http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


_________________________________________________________________

MSN 8 with e-mail virus protection service: 2 months FREE*http://join.msn.com/?page=features/virus



---------------------------------------------------------------------------

Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 offany course! All of our class sizes are guaranteed to be 10 students or lessto facilitate one-on-one interaction with one of our expert instructors.Attend a course taught by an expert instructor with years of in-the-fieldpen testing experience in our state of the art hacking lab. Master the skillsof an Ethical Hacker to better assess the security of your organization.Visit us at:http://www.infosecinstitute.com/courses/ethical_hacking_training.html

----------------------------------------------------------------------------

Current thread:

firewall setup Ognen Duzlevski (Jul 07)
- Re: firewall setup Salvador Sosa (Jul 07)
- RE: firewall setup David Gillett (Jul 07)
  - RE: firewall setup Ognen Duzlevski (Jul 07)
- RE: firewall setup Somnus (Jul 08)
- Re: firewall setup Dave Dearinger (Jul 08)
- Re: firewall setup Nelson Santos (Jul 08)
- <Possible follow-ups>
- RE: firewall setup MARTIN M. Bénoni (Jul 08)