| 1 |
Is ISA server doing this for SSH,Mail ...? SSH in particular would be |
| 2 |
extremely difficult unless you nat a different port for each host. The only |
| 3 |
reason you are able to do this is that http passes the hostname with the |
| 4 |
request to the webserver and the proxy can determine how to handle it. |
| 5 |
|
| 6 |
Sean |
| 7 |
|
| 8 |
On 18-Aug-2006, Andreas Herrmann wrote: |
| 9 |
> We don't have enough public IP's but we want to have several real |
| 10 |
> servers for different customers (SSH, Mail, etc.) in the private subnet. |
| 11 |
> |
| 12 |
> I also plan to switch from Microsoft ISA Server to an |
| 13 |
> Open-Source-Solution with Linux. The solution can be simply done for |
| 14 |
> webservers, but we need a solution for several services. |
| 15 |
> |
| 16 |
> I try to figure out the problem with a simple example: |
| 17 |
> host1.domain.net IN A 1.2.3.4 |
| 18 |
> host2.domain.net IN A 1.2.3.4 |
| 19 |
> The gateway (1.2.3.4) should dynamicaly open a tunnel to |
| 20 |
> 192.168.0.1 if the query is for host1.domain.net |
| 21 |
> and to |
| 22 |
> 192.168.0.2 if the query is for host2.domain.net |
| 23 |
> |
| 24 |
> If you need more details feel free to ask. |
| 25 |
> |
| 26 |
> Andreas |
| 27 |
> |
| 28 |
> |
| 29 |
> Sean Cook schrieb: |
| 30 |
> >My question is really what is the purpose? Are these webservers? Do they |
| 31 |
> >have different services? You could use apache with mod_proxy for |
| 32 |
> >webservices... |
| 33 |
> > |
| 34 |
> >If you can give a few other details as to what you are trying to |
| 35 |
> >accomplish, |
| 36 |
> >I might be able to help a bit more. |
| 37 |
> > |
| 38 |
> >Sean |
| 39 |
> > |
| 40 |
> >On 18-Aug-2006, Andreas Herrmann wrote: |
| 41 |
> >>Hi there, |
| 42 |
> >> |
| 43 |
> >>I want to setup a gateway / firewall solution with Gentoo. The network |
| 44 |
> >>has following structure: |
| 45 |
> >> |
| 46 |
> >>Several host (host[1,...,x].domain.net) are defined within the DNS and |
| 47 |
> >>all of them have the same A-Record with the IP 1.2.3.4 |
| 48 |
> >>The gateway is listening on its external network interface with the IP |
| 49 |
> >>1.2.3.4 and has an internal interface with a private subnet |
| 50 |
> >>(192.168.0.0/24). The hosts (host[1,...,x].) are addressed in this subnet. |
| 51 |
> >> |
| 52 |
> >>How can it be solved, that the gateway opens a tunnel to the special |
| 53 |
> >>host in the private subnet (let.s say 192.168.0.3) if there is a query |
| 54 |
> >>for host3.domain.net? |
| 55 |
> >> |
| 56 |
> >>In my opinion this cannot be done because the client queries the DNS and |
| 57 |
> >>simply opens the connection to the IP 1.2.3.4 and the gateway has now |
| 58 |
> >>hints how to decide to which internal host the tunnel should be opened. |
| 59 |
> >> |
| 60 |
> >>But this setup is possible because Microsoft ISA Server exactly does |
| 61 |
> >>this job! |
| 62 |
> >> |
| 63 |
> >>I have no idea how to solve this. First idea was a kernel bridge between |
| 64 |
> >>the interfaces. |
| 65 |
> >> |
| 66 |
> >>Do you have any hints for me? |
| 67 |
> >> |
| 68 |
> >>Thanks a lot! |
| 69 |
> >> |
| 70 |
> >>Andreas |
| 71 |
> >> |
| 72 |
> >>-- |
| 73 |
> >>gentoo-server@g.o mailing list |
| 74 |
> >> |
| 75 |
> |
| 76 |
> |
| 77 |
> -- |
| 78 |
> gentoo-server@g.o mailing list |
| 79 |
> |
| 80 |
-- |
| 81 |
gentoo-server@g.o mailing list |
Archives