Displaying 20 results from an estimated 10000 matches similar to: "Fwd: Two servers HTTP on DMZ"
2005 May 28
4
ADSL Network
Hi Guys,
Thi sis my first post, sorry for my english, I''m Italian.
I desperate try configure home server/router connected over ADSL with
dynamic IP.
I''ve registered to no-ip and in order to connect externaly to my home
server. My system is gentoo based.
I''ve just installed different pubblic servers with static IP and
shorewall and had no problems, but my own home
2006 Apr 27
0
Communication problem with virtual DMZ
Hi all,
I am running Xen 3.0.2-2 (taken from XenSource) with Linux kernel
2.6.16 (taken from Debian Sid), I compiled Xen and 2 kernels
(dom0 and domU).
Here is the ascii-art of my setup:
------------ -------------
| LAN |------------------------| waste | 192.168.0.94/24
------------ -------------
|
·····························
2012 Mar 05
0
routing and virtual machines: how to access dmz if bridged to two networks
I am not quite sure if this issue relates to iptables, routing or Xen
virtual machines. Too many variables for my simple mind, so I'm asking
some advice :)
This is my network setup:
Internet --- eth2 + CentOS dom0 / firewall / router + eth1 (xenbr1)
--- LAN with private IPs --- separate file server and workstations
+
eth0 (xenbr0)
2003 Oct 22
2
help seeing DMZ from LOC
I have a three interface network (net,loc,dmz).
The internet interface (eth0) has a static IP.
Windows machine in the local network (eth1) use DHCP to get IPs from
the 192.168.10.0/24 netblock.
The Debian machine in the DMZ (eth2) gets a fixed IP through DHCP in
the 192.168.11.0/24 netblock.
The DHCP server is running on the firewall machine (not ideal, I know,
but that''s the way
2004 Nov 01
2
dmz setup
I am trying to add a machine into my dmz. It is the first machine I''ve
ever added to this dmz and fro some reason I cannot establish
communication between the dmz and the machine.
Here is an example of my setup:
ISP router --> firewall (eth0)
firewall (eth1) --> local network
firewall (eth2) --> DMZ
eth0 and eth2 have public IP addresses as does the machine I just added
to
2003 Jan 14
1
Two web servers on DMZ zone with private addresses. How to?
Two quick questions to the group:
Anyone seen this before:
Jan 14 02:55:45 gw1 kernel: Shorewall:all2all:REJECT:IN=eth1 OUT=eth0 SRC=66.58.99.83 DST=170.224.8.51 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=38676 DF PROTO=TCP SPT=1735 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
I mean my web server is trying to replay to some external host 170.224.8.51 (p.moreover.com) for some reason. What could be? It
2003 Jan 02
1
mail server in dmz
Hi, in a three interface firewall I have
eth0, loc, 10.1.5.1/16
eth1, int, 200.41.61.228/29
eth2, dmz, 192.168.1.1/24
(un)fortunately I got a group of public ip?s to use, so here is my problem
in the dmz I have 192.168.1.3 redirected from eth1 alias 200.41.61.226 (a web server,
works perfect).
I am trying to set up a mail server also, a different machine, so I can?t use proxyarp, as
with this,
2003 Jan 14
1
Two web servers on DMZ zone with private ad dresses. How to?
That log message looks like someone (or some program) is trying to browse to
moreover.com from your web server machine--it''s not a reply to an external
request. You''d see messages like that if you were running some sort of HTTP
proxy server (like Squid) on that box (although they''d likely be to multiple
IPs, unless your users only browsed to p.moreover.com). It could
2005 Sep 29
0
FWD via Trunk from DMZ to LAN
2002 Dec 31
1
Big Brother with Shorewall loc dmz zones?
How would I use Big Brother with Shorewall and my loc and dmz zones to
monitor hosts in both zones?
If Big Brother''s server is on my LAN (loc) is it "safe" to forward the bb
port from the dmz to the LAN? What would the security risks of this be?
Common sense says that it may not be a good idea to forward stuff from the
dmz to the LAN, but I''m inexperienced and unsure
2004 Jul 27
2
icmp traceroute from dmz behind proxy-arp - icmp code 11 ?
hello there,
im running a 3interface inet, dmz, loc. i have some public ip addresses.
one public address is the router of the provider, the second one is the
linux box running shorewall. all other public interfaces are on the dmz
nic with proxy-arp.
now whenever i do a traceroute (the dmz boxes are windows, icmp
traceroute) the very first hop gets timeout/stars, then the router of
the provider
2008 Aug 14
1
[OT] VPN/DMZ best practices
There is such a wealth of knowledge and personal experience on this list
that I'd like to get your opinions on our current situation.
Currently, we have a simple tri-homed firewall with the internal network
on one interface, the dmz on another, and the dirty internet on the
last. Also, there is a spare interface on the box which is unused. We
use CentOS and manually maintain our rule sets
2004 Nov 26
3
[OT] - Problem in DMZ
Hi everyone,
Sorry for asking OT here, but I need your expertise :-)
I am running a standard 3 I/F net, dmz, loc Shorewall 1.4.7 on a RH 9 server
In the DMZ I have a web shop running with DNAT from the external address to
the DMZ - this all works
I want to add a develop server in the DMZ with external access so I set this
up as per the live server and from internal network it works, but from
2007 Jul 26
2
DMZ and LOG
Hello !!
I ve just install shorewall-common and shorewall-shell
I can''t defined a network using the CIDR format for my DMZ in /etc/shorewall/hosts
fast eth2:172.17.0.0/16
epac eth2:172.18.0.0/16
fsa eth2:172.19.0.0/16
bu eth2:172.20.0.0/16
recto eth2:172.21.0.0/16
dmz eth1:81.91.225.224/27
I receive this error:
ERROR: Invalid zone definition for
2003 Jan 13
4
DMZ hosts gateway
Hi everyone,
I have a question regarding the default gateway for hosts on DMZ zone. I moved servers from parallel to the DMZ (outside the firewall, directly connected to I-net) to inside DMZ. The default gw for these servers was the DSL router(bridge) of my ISP.
What should be the default gw (for the hosts inside the DMZ), when hosts are inside the DMZ now - still the DSL router (external
2012 Mar 13
0
External trust / DMZ (nsswitch vs wbinfo)
Hello,
Summary: a Linux server joined to domain GODMZ (which trusts another domain
GOCORP), without network access to GOCORP domain controllers can
authenticate but not retrieve user information (id) even though wbinfo -n
can resolve a name to SID.
Long:
We have two domains, both at server 2003 functional level. GOCORP contains
users and intranet servers. GODMZ contains servers in the DMZ (web
2005 Jun 16
1
RE: Setting up a routed DMZ -CLOSED
My sincere apologies to all on this list. After looking for returning
packets with tcpdump and not finding ANY I called our provider to
confirm our IP assignment. The IP range that I was given by my boss was
incorrect. After adjusting the ip assignments, everything is working
perfectly. Thank you all for your time in troubleshooting this, and I
hope to be able to return the favor at some
2004 Aug 22
6
LAN to DMZ zone issues.
Hello all,
Name is Andrew and in desperate need of some info.
Setup:
- Mandrake 9.1 with three interfaces
(eth0 --> WAN) C-class /28 network (with tree virtual addresses which I
am DNAT-ing to the DMZ)
(eth1 --> LAN) A-class 10.0.0.0/8
(eth2 --> DMZ) A-class subnet 10.1.123.0/24
- Running stock Shorewall ver: shorewall-1.3.14-3.1.91mdk
Dilemma:
- LAN can not access the DMZ zone
2005 May 06
1
NAT and DMZ
Hi,
I have this case:
My Shorewall is a internet gateway:
(fw) eth0 -> 200.209.100.0/30
(loc) eth1 -> 192.168.0.0/24
(dmz) eth2 -> 200.209.100.8/30
In the DMZ, I have another linux, with a web server too.
eth0 -> 200.209.100.10/30 - running Apache at port 1700
eth1 -> 192.168.0.0/24
My problem is:
I need to make a NAT, from my local
2004 Nov 08
2
Windows Update and DMZ
I am running a LEAF Bering firewall with a DMZ at one of my client''s sites.
The client has a Windows IIS server set up in the DMZ. The DMZ rules block
all outgoing connections on all ports.
The client wants to be able to run Windows Update on the server, which uses
ports 80 and 443. However, opening all port 80 and 443 connections from the
server to the net zone is not an option,