[NTLUG:Discuss] Punch through firewall
clyde swann
swannc at hotmail.com
Sat Mar 4 00:08:20 CST 2000
here is what i have done in my situation and should work for you. i've only
tested using ping. next i will set up ipchains and the proxy. i thought i
would make routeing work first.
for eth1(192.168.1.1)
start linuxconf open [networking] => [client tasks] => [routing and
gateways] => [set other routes to host] add route specs where
gateway=192.168.1.1, host=200.200.200.201
machine 3 (192.168.1.13)
start linuxconf open [networking] => [server tasks] => [ip aliases for
virtual hosts] select network device, ie... eth0 set ip alias to
200.200.200.201
hope this helps...................................
>From: "Bob Byron" <bbyron at radit.com>
>Reply-To: discuss at ntlug.org
>To: <discuss at ntlug.org>
>Subject: Re: [NTLUG:Discuss] Punch through firewall
>Date: Fri, 3 Mar 2000 02:33:08 -0600
>
>Hate to say it, but I still am having trouble understanding how I am
>supposed to accomplish my task. I have reviewed quite a bit of the
>documentation and have yet to figure it out. Let me restate what I
>need to do.
>
>I have a local network using addresses 192.168.1.X.
>I have a Linux server configured as the gateway machine for
>the local network utilizing ip masquerading to access the internet.
>I have 5 ip addresses available for my use: 200.200.200.200
>through 200.200.200.204 (These addresses are not my real ip
>addresses)
>The server (Linux System) can be seen from the internet by using
>200.200.200.200.
>I am using ipchains to accomplish that.
>
>Now my problem is, I need to have machine 3 (in the example
>below to be seen from the internet. Since I do have 5 ip addresses
>available to me, I would like for people on the internet to access
>200.200.200.201 and have the Linux server redirect the traffic to
>my local Machine 3 (192.168.1.13).
>(I am using Redhat 6.1 - kernel 2.2.12 - ipchains firewall)
>
> Internet
>-------------|--------------
>eth0 (200.200.200.200)
> LINUX SYSTEM
>eth1 (192.168.1.1)
>-------------|--------------
> local network
> (192.168.1.X)
>
> Machine 1 Machine 2 Machine 3
>192.168.1.11 192.168.1.12 192.168.1.13
>
>I am hoping someone will spell out the command for me since I am
>very new at this type of administration.
>
>Bob Byron
>RAD Systems, Inc.
>www.radit.com
>(972)516-4256
>
>----- Original Message -----
>From: "Jonathan Miller" <betaray at kludge.org>
>To: <discuss at ntlug.org>
>Sent: Thursday, March 02, 2000 12:32 PM
>Subject: Re: [NTLUG:Discuss] Punch through firewall
>
>
>You can either use NAT (Network Address Translation) or Port
>Forwarding. Since you've got the addresses I'd say go with NAT. That'll
>allow you to say 200.200.200.201 -> 192.168.1.200. Port fowarding does
>exactly like it sounds like it does i.e. 200.200.200.201:80 ->
>192.168.1.200:80
>
>Information for setting up NAT with 2.2 can be found
>at: http://www.linuxdoc.org/HOWTO/Net-HOWTO-8.html. This is all going to
>change (again!) with 2.4, but that's life.
>
>-- Jonathan
>
>On Thu, 2 Mar 2000, Bob Byron wrote:
>
> > I am using Redhat 6.1 running an ipchains firewall.
> >
> > Internet ===|eth0 -- LINUX SYSTEM -- eth1|=== local network
> > The local network has 168.192.1.X addresses.
> > I have a machine behind a firewall that I want to access from the
> > interenet. How do I create a bridge through the firewall to that one
> > machine? Let's assume I have the domain range of 200.200.200.200
> > through 200.200.200.205, and eth0 had the address of 200.200.200.200.
> > I want to use the address 200.200.200.201 to address the machine
> > behind the firewall, how would I go about that? Ideally I want the
>address
> > 200.200.200.201 to be translated to 192.168.1.200 (the address of the
> > local machine.
> >
> > Thank You,
> > Bob Byron
> > RAD Systems, Inc.
> > www.radit.com
> > (972)516-4256
> >
> >
>
>
>_______________________________________________
>http://ntlug.org/mailman/listinfo/discuss
>
>
>_______________________________________________
>http://ntlug.org/mailman/listinfo/discuss
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
More information about the Discuss
mailing list