Network Security: Detailed info on Re: Single public ip address

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Firewalls

[Top] [All Lists]

Re: Single public ip address

from [Chris Buechler] Network Security

[Permanent Link]

Subject:	Re: Single public ip address
Date:	Sat, 19 Feb 2005 01:59:37 -0500

On 17 Feb 2005 09:35:34 -0000, Kelvin Tarver <ktarver@fitnc.com> wrote:



Is there a way to have a single ip address do the following:

1)Function as the outside interface of a firewall.
2)Use that same public ip address, and outside interface to function as a vpn 
server.
3) Have the same public ip address PAT to a public web Server on the dmz.

The goal is to have the outside interface of a firewall, vpn server, and a 
public webserver to share the one public ip address.

Is this possible?  I'm convienced it isn't possible, but I might be missing 
something.  Any insight on this issue would be greatly appreciated.


That's possible.  The services you want will probably be IPsec (UDP
500) and HTTP (TCP 80), and since those are different ports you can
use the same public IP.  Every firewall I've seen will let you use the
WAN IP for VPN as well as inbound NAT.  You would need multiple public
IP's if you need multiple services on the same port (i.e. two web
servers, for example).

-Chris

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Single public ip address, (continued) Re: Single public ip address, Jonathan Glass Re: Single public ip address, Kevin Stoll Re: Single public ip address, lonely wolf RE: Single public IP address, Ethan RE: Single public IP address, Hesperia DOS-IT Security RE: Single public IP address, Clay Wells RE: Single public IP address, Ethan Re: Single public ip address, Brian Shaw RE: Single public ip address, Reynaldo Ruiz Flores RE: Single public ip address, Mike Murphy Re: Single public ip address, Chris Buechler <= RE: Single public ip address, Kevin Doheny RE: Single public ip address, mbeck RE: Single public ip address, Jason Ha RE: Single public ip address, Andrew Shore Re: Single public ip address, Fredrik Widlund

Previous by Date:	RE: Single public ip address, Andrew Shore
Next by Date:	RE: Single public ip address, Reynaldo Ruiz Flores
Previous by Thread:	RE: Single public ip address, Mike Murphy
Next by Thread:	RE: Single public ip address, Kevin Doheny
Indexes:	[Date] [Thread] [Top] [All Lists]