Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Single public ip address

from [Brian Shaw] Network Security [Permanent Link]
Subject: Re: Single public ip address
Date: Fri, 18 Feb 2005 21:05:27 -0400 
  Yes, this is possible.  I have done it on several sites using iptables, NAT,
& port forwarding, running on Linux.  Although, any firewall device should be
able to do this.
  Since each of the tasks you have listed below runs on a different port, you
can use port forwarding to send them to dedicated hosts on either your
internal LAN (VPN) or DMZ (web server).  By sending them to dedicated hosts,
after the firewall inspection/approval process, you reduce the load on your
firewall machine.  You are also then free to use whatever OS/application combo
suits your needs.
  Please feel free to drop me a note if you have any more questions.

Brian


---------- Original Message -----------
From: Kelvin Tarver <ktarver@fitnc.com>
To: firewalls@securityfocus.com
Sent: 17 Feb 2005 09:35:34 -0000
Subject: Single public ip address


Is there a way to have a single ip address do the following:

1)Function as the outside interface of a firewall.
2)Use that same public ip address, and outside interface to function 
as a vpn server. 3) Have the same public ip address PAT to a public 
web Server on the dmz.

The goal is to have the outside interface of a firewall, vpn server, 
and a public webserver to share the one public ip address.

Is this possible?  I'm convienced it isn't possible, but I might be 
missing something.  Any insight on this issue would be greatly appreciated.

Thanks.

------- End of Original Message -------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Single public IP address, Ethan
Next by Date:  Re: firewall suggestion, Kevin Russell
Previous by Thread:  RE: Single public IP address, Ethan
Next by Thread:  RE: Single public ip address, Reynaldo Ruiz Flores
Indexes:  [Date] [Thread] [Top] [All Lists]