Re: port forwarding -- nat/ipfw



"Adrian Urquhart" <adrian@xxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:pan.2007.05.14.21.12.37@xxxxxxxxxxxxxxxxxxxxxxxxxxx
On Mon, 14 May 2007 20:54:54 +0200, Torfinn Ingolfsen wrote:

Adrian Urquhart wrote:
Also, you won't be able to test this forwarding from inside your LAN
due to "double NATing" - you can't go out from your LAN to your public
IP and then back in to a port forwarded machine. You need to use a
machine external to your LAN. So things may be working as you want them
to, it's just that you're testing incorrectly.

Excuse me?
Maybe I'm reading this incorrectly, but I'm using a double NAT setup,
and I'm perfectly able to access webservers on my LAN (the "inside")
using their public address.
How does this work?
I have a dynamic IP address on my ADSL router, so I use dynamic dns to
get a name to match the ip address.
I have several servers on my LAN, but my firewall can only forward http
(port 80) to one internal ip address. I solve that problem by letting
the webserver on that internal address be a proxy for the other servers.

So, whether I type (from inside my LAN) http://www.google.com/ or
http://name-of-internal-webserver.dyndns.org/ I get the correct page.

Just my 2 eurocents.

Well, it certainly doesn't work for me, at least using the approach (the
one I suspect most folks would use) of simply typing the URL that
everyone else would use. Obviously I can reach external hosts such as
Google without any problem, but trying to access a site hosted internally
by using its external name fails to establish a connection. Everything
I've read, and experience so far, has led me to believe this is the
expected behaviour.

I'm on ADSL with the ADSL device acting as a bridge so the FBSD gateway
(running natd and ipfw) has the public (static) IP address. Maybe your
ADSL router is doing something which my setup isn't? Maybe I've just been
missing something all this time...

Mine resolves my server name from inside and outside the network too. So I
can load up my web site from inside the network the same way I'd load it up
from outside. I wonder, though, if it's the most efficient way, because
rather than getting to the server from the internal ip address
(192.168.x.x), it goes through the IP address that my ISP assigns me.
Anyone know if it would make any difference in terms of speed if I made it
somehow resolve to the internal IP? Or is it doing the same thing either
way?

Anyway, back to my original question. Can anyone suggest a helpful web site
to square away my DNS issues? I'm having a little trouble understanding
zones in the handbook. I don't even know whether or not I need to use them
to be able to forward the port to the other server...

