Firewall Feature Questions


In the original question below, what feature is it called that I would be
looking for that enables me to map public ip to private ip internally for
certain ports?

If anyone has experience with WatchGuard and the most simple and basic for
the feature I am looking for - what would you recommend?


The router (pseudo firewall - really NAT) maps 3 PUBLIC IP / External
Address (our mail, web site, and FTP) to 3 of the Internal Servers.  It does
a one to one mapping.

Server 1=Exchange 2003/Outlook Web Access(port 80,443) - (public ip to private;
Server 2=Sharepoint Portal 2003/Project Server 2003(port 80 and 443) -
(public ip to private;
Server 3=FTP Site and MS PPTP VPN (port 21,1721) - (public ip to private;

My GOAL is to get a Linux firewall that is SIMPLE to use to place between the
internal network and our Internet router.  Also, it has to be able to route
traffic destined on public ip to private ip
same as 1 to 1 NAT mapping but more locked down due to firewall features.
Because multiple servers have port 80 and 443, I can't just do port
forwarding.  It must be intelligent enough to see the URL/URI to forward to
the right box.

Hope this made sense.

What would you guys suggest in terms of the Linux distro with this
capability, and how I should set it up?

Thank you!

Re: Firewall Feature Questions

In response to the first question, that feature is known generically as
Static NAT (Network Address Translation) which may be used in conjunction
with or without dynamic NAT/PAT in the context of IOS features on a Cisco
router.  It is separate and distinct from Cisco's IOS Firewall Feature set,
yet plays a part in securing the internal network from the outside world.

I'm not familiar with WatchGuard.
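
Added example, not part of the original posts: a Linux iptables equivalent of the static (one-to-one) NAT described above, restricted to the ports listed in the question. Each server has its own public address, so the destination IP alone selects the server; all addresses (RFC 5737 / RFC 1918 ranges) and the interface name are constructed placeholders.

```shell
#!/bin/sh
# Emits an iptables-restore ruleset: 1:1 NAT per server, default-deny
# forwarding, and only the listed TCP ports opened from the Internet.

# public_ip private_ip tcp_ports -- constructed addresses; the port
# lists are the ones given in the question.
MAPPINGS='203.0.113.10 192.168.1.10 80,443
203.0.113.11 192.168.1.11 80,443
203.0.113.12 192.168.1.12 21,1721'

WAN_IF=eth0   # assumed name of the Internet-facing interface

gen_rules() {
    echo '*nat'
    echo ':PREROUTING ACCEPT [0:0]'
    echo ':POSTROUTING ACCEPT [0:0]'
    echo "$MAPPINGS" | while read -r pub priv ports; do
        # Inbound: rewrite the destination only for the permitted ports.
        echo "-A PREROUTING -i $WAN_IF -d $pub -p tcp -m multiport --dports $ports -j DNAT --to-destination $priv"
        # Outbound: the server's own traffic leaves with its public address.
        echo "-A POSTROUTING -o $WAN_IF -s $priv -j SNAT --to-source $pub"
    done
    echo 'COMMIT'

    echo '*filter'
    echo ':FORWARD DROP [0:0]'
    # Replies to connections that were already allowed.
    echo '-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    echo "$MAPPINGS" | while read -r pub priv ports; do
        # FORWARD sees the packet after DNAT, so match the private address.
        echo "-A FORWARD -i $WAN_IF -d $priv -p tcp -m multiport --dports $ports -m conntrack --ctstate NEW -j ACCEPT"
    done
    # New connections from the inside network out to the Internet.
    echo "-A FORWARD ! -i $WAN_IF -o $WAN_IF -m conntrack --ctstate NEW -j ACCEPT"
    echo 'COMMIT'
}

gen_rules
```

Pipe the output to `iptables-restore --test` to check the syntax before loading it. FTP data channels and PPTP's GRE traffic need connection-tracking helpers or extra rules that this ruleset does not include.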
