bypassing a proxy server

From: Robert Storey (y2kbug_at_ms25.hinet.net)
Date: 03/15/04

  • Next message: Olga Zenkova: "sendmail upgrade" 
    Date: Mon, 15 Mar 2004 20:10:04 +0100
To: freebsd-questions@freebsd.org

    As some of you may recall, I'm engaged in an ongoing saga trying to set
    up a FreeBSD machine on a school's network. The school is Windows only -
    the administration knows nothing about FreeBSD (or Linux), and it's up
    to me to prove to them that FBSD is worth teaching to the students. Due
    to my lobbying, the school has given me one old computer to play with,
    and I have installed FreeBSD on it. But there are problems. The biggest
    is that the gateway machine is Windows 2000 and it's running a proxy
    server (to keep the students from visiting naughty web sites). So the
    FreeBSD machine cannot get through to the Internet with http, though the
    Windows machines can. On the other hand, the FBSD box can get through
    the gateway with ssh and ftp (though performance is sluggish, even with
    a T1 line). Furthermore, I want the FreeBSD machine to run an anonymous
    ftp server. Forgive the crappy drawing (I never claimed to be an
    artist), but this is how the network looks at the moment (except that
    there are 10 Windows clients, not 2):

                                             |-------|
                                             |windows|
               |------------| |------| |client |
               | Win2000 | | |----|-------|
     T1--------|proxy server|----|switch|
               | & gateway | | |----|-------|
               |------------| |---|--| |windows|
                                     | |client |
                                     | |-------|
                                     |
                               |-----|----|
                               | FBSD ftp |
                               | server |
                               |----------|

    The problem is that this doesn't work. People from outside the network
    can't get through to the FBSD ftp server. Clearly, that Win2000 proxy
    server is an evil machine. When I last discussed this problem (on this
    list), Matthew wrote back and offered me a pretty thorough explanation
    of the problem, which is posted here:

    http://freebsd.rambler.ru/bsdmail/freebsd-questions_2002/msg34253.html

    OK, I'm convinced, running a ftp server from a NAT gateway is a
    disaster. So I'm looking for a way around it. I have an old unused hub,
    and I've been thinking that this might be a possible solution (sort of
    like a DMZ?)...

                                             |-------|
                                             |windows|
               |------------| |------| |client |
               | Win2000 | | |----|-------|
     T1--HUB---|proxy server|----|switch|
          | | & gateway | | |----|-------|
          | |------------| |------| |windows|
          | |client |
          | |-------|
          |
     |----|-----|
     | FBSD ftp |
     | server |
     |----------|

    The only problem I see here is I don't know how I'm going to get an
    address for the ftp server. The Win2000 gateway has a static address, it
    dishes out addresses to the clients with dhcp. The NAT addresses are of
    course internal addresses like 10.0.0.12, but the school does own a
    block of 64 static addresses. If I simply stick a hub in front of the
    gateway machine, all traffic to the gateway will also be sent to the ftp
    server - I know that will cause packet collisions, but I can live with
    the crappy performance because it's a very low traffic environment. My
    main concern is simply how to assign an address to the ftp server
    without disconnecting the gateway machine.

    I'm sorry if I'm asking a dumb question, but I'm a novice when it comes
    to setting up networks. I haven't found anything on Google that deals
    with this particular question, and there is nobody around here that I
    can ask. Any advice is appreciated.

    Thanks in advance,
    Robert

     
    _______________________________________________
    freebsd-questions@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-questions
    To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

  • Next message: Olga Zenkova: "sendmail upgrade"

    Relevant Pages

    • RE: bypassing a proxy server
      ... imagine that there isn't a tool for windows which does the same. ... Also i cannot see the logic of your anonymous ftp server, ... is that the gateway machine is Windows 2000 and it's running a proxy ... can't get through to the FBSD ftp server. ...
      (freebsd-questions)
    • Re: Slow network transfer within LAN
      ... well I have always noticed with Windows that when you ... When I use to run an FTP server on ... Slow network performance occurs if you copy files to a domain controller ... Instead of the website you're using, I suggest to use OEx (Outlook Express ...
      (microsoft.public.windows.server.networking)
    • Re: windows 2000 unwanted data transfer
      ... and unneeded services running such as WWW or FTP that your ... computer is being used as a FTP server or such. ... >A windows 2000 professional pc is used to access internet on a PPPOE ... The charges are based on the volume of data transfer. ...
      (microsoft.public.win2000.security)
    • Re: windows 2000 professional hacked with Serv-U FTP Server
      ... > FTP server and was uploading movies files to this box. ... > How did hacked get into the machine and installed Serv-U ftp server? ... consider formatting and reinstalling Windows and all other software ... documents to remove the vulnerabilities in the default install of Windows. ...
      (microsoft.public.win2000.security)
    • Re: Networking with PCs
      ... Uhm, ok. ... disappeared which means that all my computers on my network report the ... but then I'd have to install a FTP server on the Windows ...
      (comp.sys.mac.advocacy)