Have a question or want to start a discussion? Post it! No Registration Necessary. Now with pictures!
- Mike Allen
May 5, 2005, 7:22 am
rate this thread
In the original question below, what feature is it called that I would be
looking for that enables me to map public ip to private ip internally for
If anyone has experience with WatchGuard and the most simple and basic for
the feature I am looking for - what would you recommend?
The router (pseudo firewall - really NAT) maps 3 PUBLIC IP / External
Address (our mail, web site, and FTP) to 3 of the Internal Servers. It does
a one to map mapping.
Server 1=Exchange 2003/Outlook Web Access(port 80,443) - (public ip
100.100.100.100 to private 192.168.1.10);
Server 2=Sharepoint Portal 2003/Project Server 2003(port 80 and 443) -
(public ip 100.100.100.101 to private 192.168.1.11);
Server 3=FTP Site and MS PPTP VPN (port 21,1721) - (public ip
100.100.100.102 to private 192.168.1.12);
My GOALis to get a Linux firewall that is SIMPLE to use to place between the
internal network and our Internet router. Also, it has to be able to route
traffic destined on public ip xxx.xxx.xxx.xxx to private ip xxx.xxx.xxx.xxx-
same as 1 to 1 NAT mapping but more locked down due to firewall features.
Because multiple servers have port 80 and 443, I can't just do port
forwarding. It must be intelligent enough to see the URL/URI to forward to
the right box.
Hope this made sense.
What would you guys suggest in terms in the Linux distro with this
capability, and how I should set it up?
Re: Firewall Feature Questions
In response to the first question, that feature is known generically as
Static NAT (Network Address Translation) which may be used in conjunction
with or without dynamic NAT/PAT in the context of IOS features on a Cisco
router. It is separate and distinct from Cisco's IOS Firewall Feature set,
yet plays a part in securing the internal network from the outside world.
I'm not familiar with WatchGuard.
- » Digital Printing Malaysia | Printing Company Malaysia| Dot2Dot
- — Newest thread in » Cisco Certification
- » You probably don't know the answer but what allows WiFi scanning anyway?
- — The site's Newest Thread. Posted in » Wireless Networking