Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
?????? NAT and Web server.
- Thread starter jamin123
- Start date
i think that this is going to depend on how that service works. i took a look at their website, and i am not sure if this would work or not. I think that they have a cliient that you install that contacts their servers when you connect to the internet, then gives your IP to their servers, and their servers then associate this IP with you domain name. If this is how it works, and the client uses the IP address configured on your local PC then i do not beleive that this would work, since the IP on the local PC is not going to be in the public internet address space. If their servers simply use the source address of the incoming packet, it might work, since the router will translate.
If you are wanting to run a website, I would suggest registering a domain name at a place like register.com and paying a company 10-20 dollars a month to host it....
hope this helps. Erik Rudnick, CCIE No. 9545
mailto:erik@kuriosity.com
If you are wanting to run a website, I would suggest registering a domain name at a place like register.com and paying a company 10-20 dollars a month to host it....
hope this helps. Erik Rudnick, CCIE No. 9545
mailto:erik@kuriosity.com
There are any number of kludges to get around the issue
of being a dhclient but since you basically have a situation
where you have to tell:
a) The nat implementation on the router how to dynamically configure a static map based on the internal clients
obtained address.
b) The dns2go people about the routers obtained address.
I'd suggest you look at a different means of
implementing your web and nameservice.
Assigning an internal dhcp exception for your webserver and giving it a static private address is the first step.
of being a dhclient but since you basically have a situation
where you have to tell:
a) The nat implementation on the router how to dynamically configure a static map based on the internal clients
obtained address.
b) The dns2go people about the routers obtained address.
I'd suggest you look at a different means of
implementing your web and nameservice.
Assigning an internal dhcp exception for your webserver and giving it a static private address is the first step.
It will work. Your NAT outside needs to know about the DHCP changes and then change the mapping to the webserver. Use a service like which specializes in this sort of thing. TZO uses a small agent that pings home using ICMP to check the IP. WHen it changes, the agent sends the new IP back to the DNS servers which then automaticily update the DNS record. Given most cable providers dont change the DHCP but every 60-90 days, it works pretty well for most people.
I would highly recommend the following design to keep people OFF your private network.
internet--FW1 ---HUB----FW2 -----LAN
|---Webserver
You've set up a poor mans DMZ for the server. Port 80 requests will stop there. Set the first firewall up to send everything else to the outside interface of FW2.
I have something very close to this running right now, dual NAT.. ie.. NAT on both FWs. FW1 is an older WEbRamp and FW2 is a 2514 with FW IOS loaded. It's been this way for two years with only a few minor troubles.
Erik does have a point though about just paying someone to host the site. Unless you want to spend some time doing serious hacking on PHP, CGI, PERL etc that requires root access. Most hosting services only give you FTP access unless you pay a premium price for the telnet/root access.
MikeS Find me at
"Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots."
Sun Tzu
I would highly recommend the following design to keep people OFF your private network.
internet--FW1 ---HUB----FW2 -----LAN
|---Webserver
You've set up a poor mans DMZ for the server. Port 80 requests will stop there. Set the first firewall up to send everything else to the outside interface of FW2.
I have something very close to this running right now, dual NAT.. ie.. NAT on both FWs. FW1 is an older WEbRamp and FW2 is a 2514 with FW IOS loaded. It's been this way for two years with only a few minor troubles.
Erik does have a point though about just paying someone to host the site. Unless you want to spend some time doing serious hacking on PHP, CGI, PERL etc that requires root access. Most hosting services only give you FTP access unless you pay a premium price for the telnet/root access.
MikeS Find me at
"Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots."
Sun Tzu
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question