Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: NAT with out crossing a firewall.

from [List Account] Network Security [Permanent Link]
Subject: RE: NAT with out crossing a firewall.
Date: Fri, 15 Apr 2005 15:33:25 -0400 
Matt,
Different NAT engines have different syntaxes, but what you want to do is:
 
Original Source: Web Server Internal
Translated Source: WAN Primary IP
Original Destination: Web Server Public
Translated Destination: Original
Original Service... you get the point.. which is you need to use the NAT
engine to translate your web servers private IP to the WAN public IP when it
needs to access it's own public IP. 
 
The term is "DNS Loopback" FYI.

I hope I made sense there.
 
Nathan Grandbois
Cerdant, Inc.
614.717.0123 ext. 26 

-----Original Message-----
From: Matthew MacAulay [mailto:matthew.macaulay@cobweb.co.uk] 
Sent: Thursday, April 14, 2005 12:08 PM
To: firewalls@securityfocus.com
Subject: NAT with out crossing a firewall. 


Hello,
 
We have a web server which is behind a firewall. The web server has a
private IP address. The Firewall NAT's from a public IP address to the
private IP address for HTTP and HTTPS traffic. This works well. 
 
I have been asked to allow the web server to be able to browse to its public
IP address. As the HTTP / HTTPS request is not going to cross the firewall
the packet is never going to be translated from the public IP address to the
private. Thus will never be able to browse its self...
 
With out putting an entry in the host file of the server to resolve the web
url to the local host is there anything that could be done on the firewall? 
 
This must happen a lot in a hosted environment so much so it must have a
term?
 
Any help or pointers welcome. 
 
Regards,
 
Mat. 
 
  
----------------------------------------------------------------
The information in this email is confidential and may be legally
privileged. It is intended solely for the addressee. Access to
this email by anyone else is unauthorised. If you are not the
intended recipient, any disclosure, copying, distribution or any
action taken or omitted to be taken in reliance on it, is
prohibited and may be unlawful. If you have received this
communication in error please return it to the sender, then
delete and destroy any copies of it.
----------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Question - Advice needed., Andrew Rogers
Next by Date:  emailing SmartView Status alerts, Boylan, Heather (STP)
Previous by Thread:  Re: NAT with out crossing a firewall., Robert Hajime Lanning
Next by Thread:  CISCO PIX expert needed, dave kleiman
Indexes:  [Date] [Thread] [Top] [All Lists]