Then replace the MASQ device with a Linux box. A way a host on the Internet can connect to a host on a private LAN is to use port forwarding on the MASQ device, e.g., port 2121 on the MASQ device is forwarded to port 21 on the masqueraded host. I have done this with several hosts and SSH and HTTPS. Jeffrey Quoting Raymond Fung <raymondf@acm.org>:
But this dynamic IP address is just the IP address of the MASQ device, while the real hosts are using private IP addresses. The MASQ device may not have port mapping function to reverse map an incoming socket connection onto an internal private IP host.
Regards, Raymond.
Purple Shirt wrote:
couldn't you also just run dynamic ip software to keep track of the dynamic ips of site 1 and 2 and therefore always know their ip. this software could be housed on site 3.
From: Raymond Fung <raymondf@valentia.com.hk> To: suse-linux-e <suse-linux-e@suse.com> Subject: [SLE] interesting idea Date: Thu, 22 Mar 2001 05:32:02 +0800
Dear all,
I have an interesting idea here, but don't know if it is feasible to implement nor what kind of tools are needed to implement so. The situation is as follow :
There are 3 physically disjointed sites, all are LAN of computers. Two of the sites (namely site 1 and site 2) connects to the Internet through some masquerading / NAT device using dial-up connections (thus using dynamic IP and private IPs), while the third site (site 3) has fixed IP address. Now, computers in site 1 wants to telnet into computers in site 2. As both sites doesn't have fixed IP, can I make use of site 3 such that some software is run on a host at site 3 waiting for connection from computers from site 1 and 2. After the two connection are made, something like a VPN can be established through this site 3 host to link site 1 and 2 together ? It would be great if I can do whatever service available (such as ftp, telnet etc.) between site 1 and site 2. This can be represented as the diagram below :
+------------------+ | site 3 host with | | fixed IP | | | | +--+ +--+ | | | ?| <-->|? | | | +--+ +--+ | | | | | +------------------+ | | | | +--------------+ | | +--------------+ | site 1 host | | | | site 2 host | | with dynamic | +------+ | | +------+ | with dynamic | | IP address | --->| MASQ |------+ +----| MASQ | <---| IP address | | | |Device| |Device| | | +--------------+ +------+ +------+ +--------------+
Assumes that all computers are Linux based, can this be made possible ? What tools do I need to use ?
Regards, Raymond Fung.
_________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com
-- I don't do Windows and I don't come to work before nine. -- Johnny Paycheck