From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Dharmendra.T" Subject: Re: AW: natting help needed urgently. Date: 08 Sep 2003 11:01:44 +0530 Sender: netfilter-admin@lists.netfilter.org Message-ID: <1062999111.960.11.camel@india.nsecure.net> References: <65F646CE24EBF24AA3714070D537988E06FA62@gargoyle.seaan.net> Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="=-dSbgEdW0qZWwpzqAMCWl" Return-path: In-Reply-To: <65F646CE24EBF24AA3714070D537988E06FA62@gargoyle.seaan.net> Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: To: mailinglists Cc: Payal Rathod , netfilter@lists.netfilter.org --=-dSbgEdW0qZWwpzqAMCWl Content-Type: text/plain Content-Transfer-Encoding: 7bit Hi, But it is not recommended to route the packets from external to internal servers. There are chances that the attacker gets the details on the internal network which most admins don't want to do. -- Regards Dharmendra.T dharmu@nsecure.net Linux Security and Administrator. On Sat, 2003-09-06 at 17:27, mailinglists wrote: Hi Payal, just a quick one before I go home again. In this scenario I woudln't use NAT on the Linux box. Makes things more difficult. Don't forget to set a route on your router with gw linuxbox to subnet windowsbox. HTH Philipp > I have asked this before but nobody responded. Is this un-do-able? > I have a windows box which is on intertnal ip 192.168.10.3. I want the > outside world to access the servers (ftp, http, smtp, pop3) from it. > The scene is something like this, > > > +----------+ +--------------+ +---------------+ > | +---><--+ Linux +---->--<-+win2k | > |router | | (1.2.3.4) | | (192.168.10.3)| > +----------+ +--------------+ +---------------+ > > I am not able to redirect any request for windows box from > outside world > to internal machine 192.168.10.3 > > Please help me to solve this problem. > > Waiting eagerly for any help on this. > > With warm regards, > -Payal > > -- > "Visit GNU/Linux Success Stories" > http://payal.staticky.com > Guest-Book Section Updated. > > --=-dSbgEdW0qZWwpzqAMCWl Content-Type: text/html; charset=utf-8 Hi,

But it is not recommended to route the packets from external to internal servers. There are chances that the attacker gets the details on the internal network which most admins don't want to do. 
-- 
Regards
Dharmendra.T
dharmu@nsecure.net
Linux Security and Administrator.


On Sat, 2003-09-06 at 17:27, mailinglists wrote: 
Hi Payal,

just a quick one before I go home again.

In this scenario I woudln't use NAT on the Linux box. Makes things more difficult. Don't forget to set a route on your router with gw linuxbox to subnet windowsbox. 

HTH
Philipp

> I have asked this before but nobody responded. Is this un-do-able?
> I have a windows box which is on intertnal ip 192.168.10.3. I want the
> outside world to access the servers (ftp, http, smtp, pop3) from it.
> The scene is something like this,
> 
> 
> +----------+       +--------------+         +---------------+
> |          +---><--+ Linux        +---->--<-+win2k          |
> |router    |       |  (1.2.3.4)   |         | (192.168.10.3)|
> +----------+       +--------------+         +---------------+
>                                   
> I am not able to redirect any request for windows box from 
> outside world
> to internal machine 192.168.10.3
> 
> Please help me to solve this problem.
> 
> Waiting eagerly for any help on this.
> 
> With warm regards,
> -Payal
> 
> -- 
> "Visit GNU/Linux Success Stories"
> http://payal.staticky.com
> Guest-Book Section Updated.
> 
> 











--=-dSbgEdW0qZWwpzqAMCWl--