Date: Mon, 12 Mar 2001 08:52:15 +0100 From: Christoph Sold <so@server.i-clue.de> To: Mike Squires <mikes@ct980320-b.blmngtn1.in.home.com> Cc: FreeBSD questions <freebsd-questions@FreeBSD.ORG> Subject: Re: Inbound connections to NT4 Server behind FreeBSD natd/firewall Message-ID: <3AAC802F.16A96146@i-clue.de> References: <200103101429.f2AET2r37067@ct980320-b.blmngtn1.in.home.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Mike Squires schrieb: > > I use a FreeBSD 4.3-STABLE box as a firewall/natd gateway for my home > network. I have an NT 4 Server running IIS4/FP 4.0 extensions and Oracle > 8.1.6 behind that firewall. > > The internal network uses non-routing IP numbers; the external network is > @home's. > > I would like to temporarily make the NT4 server accessible for connections > initiated by outside users for a development project, but can't figure > out any easy way of doing that. Outbound connections are, of course, a > piece of cake. > > The only solution I can think of would be to map the inbound connections to > http and FP to the NT4 server in the firewall script, but this would seem to > be dangerous given my low opinion of NT4 in a DMZ environment. Several possibilities exist: - Have your external partner add a route to your network manually into his routing table. - Install a VPN pointing to any FreeBSD box supporting it. - Use any secure tunnel (needs two boxers, one at your partner, one inside your network). - Have your firewall forward unusual ports to the NT box. (e.g. firewall/port 230 -> NT box/port 23 to forward telnet access). Your application must be able to specify unusual ports to use this. HTH -Christoph Sold To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3AAC802F.16A96146>