Re: NATting v4 addresses to v6
>>>>> "Alastair" == Alastair McKinstry <mckinstry@computer.org> writes:
Alastair> On Sath, 2005-01-08 at 08:47 +1100, Peter Chubb wrote:
>> >>>>> "Alastair" == Alastair McKinstry <mckinstry@computer.org>
>> writes:
>>
Alastair> Hi, I was wondering could you please suggest a solution to a
Alastair> NAT problem.
>> If the access points are managed via a web interface (many are)
>> use something like polipo, which is a web proy that can do IP6 to
>> IP4 proxying.
Alastair> Thanks for the pointer but I'm not sure I understand how
Alastair> this works. I can see how to use polipo to reach public
Alastair> IPv4 sites from an IPv6-only network, but how do I set up
Alastair> names so that I can reach ap1.pop1.isp.net (192.168.1.1
Alastair> locally in pop1.isp.net) and ap1.pop2.isp.net (192.168.1.1
Alastair> within pop2.isp.net)?
Set up polipo (or any other IPv6 enabled web proxy) on some machine
inside your private network to listen on some port in ipv6 space;
protect it with tcpwrappers so that only authorised users can get at
it, and then point your ipv6 enabled browser (outside the network) at
it as its proxy. Because it's inside the network, it can see your
private addresses and DNS.
Another simpler and more secure alternative might be to use ssh and
port forwarding, if you can allow logins onto any machine inside your
firewall. SSH can forward via ipv6 to an ipv4 address.
Something like this:
ssh -R 3128:192.168.1.2:80 ipv6address-of-machine-inside-firewall
means that connections to port 3128 on localhost will connect to port
80 on host 192.168.1.2.
Peter C
Reply to: