Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 11 Dec 2001 13:33:53 +1300
From:      Tom Peck <tom@masaclaw.co.nz>
To:        freebsd-net@FreeBSD.ORG
Subject:   1 IP - 1 Firewall - 2 Webservers
Message-ID:  <5.1.0.14.2.20011211121120.0287ddb0@mail.masaclaw.co.nz>

next in thread | raw e-mail | index | archive | help
Hello

We have ONE static IP with our ISP via a Cable Modem.  Connected at our end 
of the Cable Modem is a FreeBSD Firewall / Internet Gateway for the rest of 
the internal Lan.

On the Internal Network we have 2 Web / Mail servers which collect mail and 
serve HTTP requests recieved from the gateway box.

INTERNET ---> GATEWAY_BOX  ---> WEBSERVER_1 (www.domain1.com, bla@domain1.com)
                            ---> WEBSERVER_2 (www.domain2.com, bla@domain2.com)
                            ---> WORKSTATIONS


We are currently using squid to forward on the HTTP requests to the web 
servers decided by domain requested, ie if someone goes to 
www.domain1.com/index.htm this request will be forwarded by Squid to the 
WEBSERVER_1.

This has been working fine, until I decided to run some tests, and look 
through the apache logs on the WEBSERVER_1.  ALL incoming Client IP's and 
Addresses are always that of the GATEWAY_BOX.  This poses a problem for 
websites which have security on them for OUTSIDE addresses, as this 
security will no longer work..  Also, WebStats are going to be invalid as 
all requests are made from the Gateway IP.

Does anybody have any solutions for this problem?  Other software solutions 
which will fun on FreeBSD?  Any help would be most appreciated - even just 
a "I wouldn't have a clue, e-mail this group" or something.

Thanks All

Tom Peck



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.2.20011211121120.0287ddb0>