1. Home
  2. Networking Firewalls
  3. Can I do this with a firewall? nat with Password!

Can I do this with a firewall? nat with Password!

Hi

We have a URL and access to it is controlled by source IP address, as many of our users increasingly have dynamic IP address we are looking for a quick solution without changing the current system which is hosted off site.

The solution I'm thinking of is to register a new URL point it's "A" record at firewall, set the firewall rules to check the user by prompting for username / password, then set the it to forward everything back out to the net by using Nat and on to the original URL where a connection will be allowed as we will add the new firewall's public IP address to the access list.

It is essential that the traffic flow is kept via the firewall and the we present the firewalls source IP address to the end system not the users.

So setting aside any concerns about how secure either system will be, would this approach work? and examples?

Reply to
Adrian
Loading thread data ...

Your existing system very likely already has a username / password mechanism available. Any reputable hosting company would support it.

You should decide, though, on what level of security is appropriate for the username and password combinations. Unless the name and password is just intended to be a small deterent, then you probably don't want them going out "in the clear". Standard firewall authentication for http URLs uses plaintext, so you'd probably be wanting to switch to https. You may wish to consider leaving your home page as http but have a link or a redirection to https .

Reply to
Walter Roberson

Thanks, and yes the current system is username and password protected, the username and Password from the firewall was only intended as an outer defence.

I'm more concerned with mapping the source IP address and forwarding it is this easily done in a firewall or should I put a NAT router behind it?

Thanks

Reply to
Adrian

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.