Here's my situation:
Hosts on the internal network can access the Internet by masquerading
through the firewall - standard configuration.
The Internet can access a web server residing on the internal network,
because the ip address of the web server is bound as an alias to the
external network card of the firewall. The firewall then port forwards all
traffic from port 80 of this ip to port 80 of the real server's internal ip
address.
My understanding is that the web server is usually setup as a separate box
and thrown in the DMZ. In situations where the web server provides
additional services, like Samba, I understand the next best solution is the
one I've described above.
Here are my questions:
Am I right? Given the circumstances, is this the best solution for my web
server?
How come hosts on the internal network can't access the web server using
it's Internet address? If it's possible to do this, how can I configure it
(without using the lmhosts file on each workstation, please)? Does doing
this open up any security holes I'm not aware of?
Thanks in advance for any information you can send =)
-Ed
ps.... I apologize if I annoy anyone who notices this is the second post
I've made on this issue in the last 24 hours. I think the first message
was a little confusing and I hope to be more clear and specific in this
letter to help people understand what I'm asking.
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
