Re: Moving From NAT to Multiple IPs - Server Considerations
- From: bsd@xxxxxxxxxxxxxxxx
- Date: Sat, 17 Jun 2006 18:47:48 +0100 (BST)
Hello,
I've recently started to work from home so the limitations of one IP
address are really starting to gripe me.
I've asked my ISP to order me a block of 8 ips. What considerations so I
be looking at when managing the IP server address change.
I'm not too concerned about the services going offline as they are not
used for anything critical and in any case services such as SMTP and
incoming e-mail have fail safes provided by my dns provider.
Do I need to install IPFirewall or will the server just close all the
ports that it is not using and be fine and dandy that way. Any
recommendations on good articles for installing IPFW. I've googled but I
am looking for something which allows me to do the basics but also talks
about the more advanced stuff such as blocking logins on SSH after x
attempts.
How do I manage the change from NAT to multi Ips. Does the server still
get given an internal IP address on the lan and then the router redirects
the external IP to that machine or does the machine have to be told that
it is now listening on IPs x, y and z.
Any help appreciated.
Cheers
Richard
--
Richard Collyer
richard@xxxxxxxxxxxxxx
Hi Richard,
You have asked a number of questions in one here. There are a number of
ways to do what I think you are trying to do. The way I have my systems
setup is problably the simplest but it depends on what you want.
My setup is the modem (no NAT or Firewall) on the 1st IP of the block (my
ISP calls it this the gateway address) this connects to a switch. I have a
firewall/nat/router (smoothwall) connected to the switch which does the
NATing etc to my internal network. The servers (Web, mail etc) have 2
ethernet connections, the 1st is on the external switch with an external
IP and all the ports closed except those necessary for the function. The
2nd (if you like the control connection) on the internal network with
things like the ssh oport open.
There are plenty of Howtos on IPF etc - just use Google. Also have a look
at the smoothwall site, IPcop is also good.
Hope this has given you some ideas. However, please remember anything
connected to an external ip does need a firwall.
Rob
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"
- References:
- Moving From NAT to Multiple IPs - Server Considerations
- From: Richard Collyer
- Moving From NAT to Multiple IPs - Server Considerations
- Prev by Date: Re: X ATI driver?
- Next by Date: Re: X ATI driver?
- Previous by thread: Moving From NAT to Multiple IPs - Server Considerations
- Next by thread: I need a freebsd 5.3 desktop server; recommendations?
- Index(es):
Relevant Pages
|
