Good morning,
thank you for your response. I have understood everything (I hope) and I
agree. But I don't want (mustn't <- corp. policy) to use these public
addresses in our private net.
I need every traffic (all ports/protocols) from Internet to our public
address <PUB1> to forward/masq to private address <PRIV1> and the same
thing with the second -- <PUB2> to forward/masq to <PRIV2>.
Is it possible to do it in SuSEfirewall2's configuration? May I use custom
rules?
---
Se srdecnym pozdravem/Best regards
Jan Dus (CNA, CNE, CNS)
AG COM, a.s.
Smirice
Czech Republic
kancelar/office +420 495 421 312
fax +420 495 421 108
Andreas J Mueller
I have enough public IP address - there is no problem but is there a possibility to arrange the same trafic to the second server?
Not as long as your firewall has only one public IP address. If you
have enough public IP addresses, masquerading is not necessary. You
could assign public addresses to your servers and use FW_FORWARD
instead of FW_FORWARD_MASQ. They will still be protected by the
firewall (i.e., only those ports you actually forward from the FW will
be reachable from the outside). I'm sure there are also other
possibilities (SNAT?).
Regards, Andy
- --
Andreas J. Mueller email: