Mailinglist Archive: opensuse-security (685 mails)

< Previous Next >
Re: [suse-security] Emulate real ip's to access intranet hosts from outside
  • From: Steffen Dettmer <steffen@xxxxxxx>
  • Date: Mon, 11 Feb 2002 09:51:16 +0100
  • Message-id: <20020211095116.D3203@xxxxxxxxx>
* Ramon Acedo wrote on Sun, Feb 10, 2002 at 23:39 +0100:
> I'd like to access to the hosts of my intranet with private
> ip's from the outside.

You mean, with a public IP (RFC 1918)?

> A real domain name server managed by the computer which has the
> real ip,

"real" -> "routeable"?

> I just want that when someone try to access to
> host1.mydomain.net from the internet my firewall (and dns
> server) forward the request to host1.local which has the
> private ip 192.168.1.20.

What kind of requests do you have?

> I've looking for that in the DNS Howto's but haven't found a
> solution.

You want to forward external DNS queries to the internal LAN? Why
that? I suggest to make the extrenal DNS server responsible
(authorative) for the needed zones.

> I've been thinking of a mix between nat iptables and special
> dns resolving, may be with 2 name server's one for the intranet
> and the other one for the internet.

Why do you think you need this? A routable IP can get a ordinary,
external name, I don't see a need for special DNS handling here.

The other poster suggested TCP portforwarding. Well, this won't
work with DNS and various other protocols. You can try to forward
a complete IP, this makes things with dynamic ports working,
well, but maybe you explain a little bit more detailed what you
need.

oki,

Steffen

--
Dieses Schreiben wurde maschinell erstellt,
es trägt daher weder Unterschrift noch Siegel.

< Previous Next >
References