Hi Leonardo,
I have no administrative access rights on the three servers outside to
change any network settings. :-(
I can only modify the firewall-rules on the server in the middle.
SSH tunnel would be possible, of course - but it would be an
additional step for the users each time they want to connect to
the servers outside - and i have to allow ssh-access on the server
in the middle, what I'd like to avoid.
Thanks a lot
-Marc-
Leonardo Boselli schrieb:
> Il 13 Jul 2005 alle 14:41 Marc Mueller immise in rete
>
>>The Problem is that i dont know how i can do SNAT and DNAT at the same
>>time and I can't use static Entries for the back-path, becourse the
>>IP-address of the client is dynamic.
>
>
> Just keep active nat from the three server to outside, or this is a
> security concern ?
> or use a ssh tunnell .....
> --
> Leonardo Boselli
> Nucleo Informatico e Telematico del Dipartimento Ingegneria Civile
> Universita` di Firenze , V. S. Marta 3 - I-50139 Firenze
> tel +39 0554796431 cell +39 3488605348 fax +39 055495333
> http://www.dicea.unifi.it/~leo
>
>
--
To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
No comments:
Post a Comment