[Gllug] Network configuration
Jack Bertram
jack at jbertram.net
Fri Jun 20 10:22:23 UTC 2003
* Tethys <tet at accucard.com> [030620 11:16]:
> Jonathan Dye writes:
> >I want the machines to be public accessible and then use the firewall to
> >choose what actually gets in. For example I want to be able to ssh into any
> >of the internal machines.
>
> Use port forwarding on the firewall.
>
> >Therefore I though my options were to either give them all real IP
> >addresses or to re-write the public addresses to private addresses
> >with a one to one mapping at the firewall. I thought the former would
> >be simpler.
>
> I guess the level of difficulty depends on the individual in question,
> but I'd have gone for NATing with port forwarding (in fact, I *did*
> go for that option :-) My home setup looks pretty my exactly like yours,
> except that I have a few more machines behind the firewall...
Doesn't this mean that, for example, if you want to ssh to 1 of 10
machines behind the firewall, then you have to remember which strange
port number on the firewall to use to ssh to each machine?
If you have public IPs, then I think proxy arp is a very simple solution.
jack
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list