Date: Mon, 03 Feb 2003 17:33:40 -0500 From: Bill Moran <wmoran@potentialtech.com> To: Peter <fbsdq@kuyarov.org> Cc: freebsd-questions@freebsd.org Subject: Re: FBSD firewall in front of windows IIS servers HOW Message-ID: <3E3EEE44.9040706@potentialtech.com> References: <20030203152311.7af897d4.fbsdq@kuyarov.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[Please wrap lines to a reasonable length] Peter wrote: > Hello, > Just wondering what would be the best way to do this... > > > INTERNET----FBSD FIREWALL----WINDOWS IIS SERVER > > > Basically what would be the best way to have freebsd accept incoming connections, run them > thru the firewall, and all the packets that pass forward them to internal windows machines. > I dont' want the windows boxen directly on the net, I want to put a FBSD firewall in front > of them, and so far the best option I've found on how to do this is to have the windows boxen > be 192.168.x.x and have the fbsd boxen forward all connections to "public_ip" to the windows > box via natd. Does this seem like a good plan? Or anyone know of another better way to do this? That's how I would do it. I can't think of a better way, off the top of my head. Unless you want to proxy. You could set up FreeBSD with squid configured to reverse proxy, which should reduce internal traffic and increase performance. I don't know what your situation is, but I wouldn't bother with squid unless I was experimenting with squid or had a situation where the IIS servers were getting hammered by requests. -- Bill Moran Potential Technologies http://www.potentialtech.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E3EEE44.9040706>