
Re: access to IP address for a machine on inet behind a firewall?



On Sun, 2002-02-24 at 04:02, Ron Johnson wrote:
> On Sun, 24 Feb 2002 13:33:40 +1000 Alan E. Davis <adavis@saipan.com>
> wrote:
> 
> > 4 machines in my classroom are attached to a private IP LAN, which is
> > attached through a gateway to the Inet.  I can FTP and so forth from
> > these machines, but I cannot access them directly through the IP
> > addresses I have been assigned.  I want to set up a web server and
> > also to have access to these machines from home.  
> 
> Because your "interior" LAN boxen have private addresses, you can
> not directly address them from the outside.  That's why they have
> private, or non-routable addresses.  Otherwise, if you could access
> them, then there's a route, so they'd need public, routable addresses!
> Get it?  Or am I rambling incoherently?
> 
> Along comes port-forwarding.  Configure it on the firewall and it 
> allows you to, well, forward all the incoming packets directed at
> port X on the firewall to port Y (which may equal X) on an internal
> machine.
> 
> So, if the firewall has IPs 12.34.56.78 and 192.168.1.1, and 3
> internal machines 192.168.1.2, 192.168.1.3 and 192.168.1.4, then
> I could put an externally accessible http daemon on 192.168.1.3 
> and ftp daemon on 192.168.1.4.
> 
> The ftp and http could both be on 192.168.1.2, but can not have
> http daemons on 192.168.1.2 & 192.168.1.3.
> 
> Note!! ftp is almost as evil as telnet, since it is just as insecure.
> 
> > Is it possible to discover what INET IP addresses are assigned to
> > these machines (if any)?  How can I learn what IP address a machine
> > outside the LAN associates with my machine? 
> 
> No, but ssh is your friend!  ssh to the firewall, then from there,
> ssh to any other internal 


You could also use VPN - I have four machines at my home office and my
brother and I wanted to play Half-Life with a friend of ours (who had
cable internet and so do we). Problem was that when authenticating - it
said both me and my brother had the same CD key.

The only solution was if we played a LAN game as opposed to an internet
game.

To do this, I set up NT to be a VPN server (I could've used Linux but I
needed NetBIOS tunnelling and also to recompile the kernel - which I was
not keen on doing again).

Now the external computer can log onto this network and pretend like it
was connected directly to the hub.

You can do the same with Linux - 

apt-get install pptpd

for more info try,

man pptpd.

There are also some howtos that you can find easily on Google.

This of course does not work for web access for other people, only for
you / someone else to be able to access the LAN.

Good luck,

Regards,


Shri
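
The port-forwarding layout described in the quoted reply (firewall 12.34.56.78 / 192.168.1.1, http on 192.168.1.3, ftp on 192.168.1.4), as an added example that is not part of the original messages. It assumes the firewall runs iptables and that its Internet-facing interface is called eth0; the function only prints the rules so they can be reviewed before anyone applies them, and it refuses a mapping that reuses an external port or points outside the private LAN.

```shell
#!/bin/sh
# Added example: print (do not apply) iptables DNAT rules for the thread's layout.
EXT_IP="12.34.56.78"   # firewall's public address, as given in the thread
EXT_IF="eth0"          # ASSUMPTION: name of the Internet-facing interface

# Reads "proto ext_port int_ip int_port" lines on stdin, prints iptables commands.
# Returns 1 when an external port is forwarded twice or the target is not on the LAN.
gen_forward_rules() {
    seen=""
    while read -r proto ext_port int_ip int_port; do
        if [ -z "$proto" ]; then continue; fi
        case "$proto" in \#*) continue ;; esac
        key="$proto/$ext_port"
        # One external port can reach exactly one internal machine.
        case " $seen " in
            *" $key "*)
                echo "error: $key on $EXT_IP is already forwarded" >&2
                return 1 ;;
        esac
        seen="$seen $key"
        # Only forward to the private 192.168.1.x hosts behind the firewall.
        case "$int_ip" in
            192.168.1.*) ;;
            *) echo "error: $int_ip is not on the internal LAN" >&2
               return 1 ;;
        esac
        # Rewrite the destination, then allow the rewritten packet through.
        echo "iptables -t nat -A PREROUTING -i $EXT_IF -d $EXT_IP -p $proto --dport $ext_port -j DNAT --to-destination $int_ip:$int_port"
        echo "iptables -A FORWARD -i $EXT_IF -d $int_ip -p $proto --dport $int_port -j ACCEPT"
    done
}

# Layout from the thread. Port 21 is only the FTP control channel; data
# connections additionally need the firewall's FTP NAT helper loaded.
gen_forward_rules <<'EOF'
tcp 80 192.168.1.3 80
tcp 21 192.168.1.4 21
EOF

# Two http daemons behind the same external port 80 are rejected ...
if ! printf 'tcp 80 192.168.1.2 80\ntcp 80 192.168.1.3 80\n' | gen_forward_rules >/dev/null 2>&1; then
    echo "# rejected: port 80 cannot go to both 192.168.1.2 and 192.168.1.3"
fi
# ... but a second daemon works on a different external port (X != Y).
printf 'tcp 8080 192.168.1.2 80\n' | gen_forward_rules
```

Every forwarded port is reachable by anyone on the Internet, so the list should stay as short as the services actually offered.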


