1 |
Andreas Herrmann wrote: |
2 |
> mRyOuNg schrieb: |
3 |
>> Microsoft ISA Server is a Firewall/Proxy/Reverse-Proxy ... |
4 |
>> |
5 |
>> So in your case, I suppose it does a reverse proxy job (not a tunneling, |
6 |
>> just working as a web client for internal network). |
7 |
>> |
8 |
>> I already replaced several ISA server with GNU/Linux solutions, with the |
9 |
>> help of Apache and his mod_proxy ... that's imho your solution. |
10 |
> |
11 |
> Can this also be done for SSH und IMAP stuff? |
12 |
> |
13 |
IMAP proxying is also possible (for example, uw-imapproxy does the |
14 |
job)... Don't know for the SSH part (never find it useful as i don't |
15 |
publish ssh to external network)... |
16 |
|
17 |
The fact is that http reverse proxy is hostname based (virtual hosts) |
18 |
which means that even with only 1 IP, you can host several websites ... |
19 |
That's not the same for IMAP or SSH ... because thoses services are not |
20 |
hostname based... |
21 |
|
22 |
If you want to publish only 1 IMAP server to external network (for |
23 |
example, imap.domain.tld), there's no problem then ... proxying or |
24 |
nating is the way it's usually done (via DMZ for the NAT part). |
25 |
Else, if you want, with only 1 IP, to publish several IMAP servers to |
26 |
external networks without using "exotic" tcp/udp ports, then, that's a |
27 |
bit trickier, and needs some studies... |
28 |
|
29 |
Ofcourse, SRV feature exists in DNS system, but there are not that |
30 |
useful except for kerberos service and such ... not for imap or ssh... |
31 |
|
32 |
|
33 |
. /mRyOuNg/ . [ SoundBomb . Syn[Rj] ] . |
34 |
|
35 |
mail: mryoung@×××××××××.net <mailto:mryoung@×××××××××.net> |
36 |
web : mryoung.soundbomb.net <http://mryoung.soundbomb.net/> |
37 |
-- |
38 |
gentoo-server@g.o mailing list |