Date: Tue, 14 Feb 2006 01:33:53 +1100 From: Norberto Meijome <freebsd@meijome.net> To: Brian Bobowski <bbobowski@gmail.com> Cc: FreeBSD User Questions List <freebsd-questions@freebsd.org> Subject: Re: Firewall/Web server difficulties Message-ID: <43F098D1.2000708@meijome.net> In-Reply-To: <43F097BC.80308@gmail.com> References: <43F0935B.4020901@gmail.com> <43F095E6.2070901@meijome.net> <43F097BC.80308@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Brian Bobowski wrote: > Norberto Meijome wrote: > >> Brian Bobowski wrote: >> >> >>> All right. I've got my firewall up and running, and my workstation can >>> get almost anywhere it needs to just fine. >>> >> >> you dont' say if you are using ipfw, ipf , pf.... >> >> >> > Sure I do. IPFW; mentioned lower down. sorry my bad >>> I can access it by directly referencing the private-interface IP, but if >>> my workstation tries to get to the public-interface IP, nothing happens. >>> Can't even ping it. ICMP and port 80 TCP should both be allowed from >>> anywhere... but they're not getting through. >>> >> (Assuming all your rules are ok...) AFAIK, you can't access the external >> interface of a NAT'ed system from the LAN side. Simply use a DNS inside >> that resolves the name you try to access to the internal interface >> instead of the external. this is FAQ, i think... >> >> >> > I'm poking at that now, yes. I had difficulty getting it to work with > virtual hosts... but I can at least reference it by the private-side IP > address and get places. assuming you are using Apache, you can use * for Ip address and let it be name-based virt host. >>> (So far as I can tell, it's >>> not just me who's unable to access these.) >>> >> meaning others in your LAN? or others in the WAN? >> >> > WAN. People have tried pinging and browsing, with no success. then I would review the rules... good luck B
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43F098D1.2000708>