Re: Port forwarding on a NAT firewall

To: Antony <antony@antgel.co.uk>
Cc: debian-user@lists.debian.org
Subject: Re: Port forwarding on a NAT firewall
From: Ricky Clarkson <ricky.clarkson@gmail.com>
Date: Fri, 2 Jul 2004 14:06:07 +0100
Message-id: <[🔎] 7eeb06460407020606595e26c1@mail.gmail.com>
In-reply-to: <[🔎] 4102.82.70.62.110.1088772238.squirrel@webmail.pulsesol.com>
References: <[🔎] 4102.82.70.62.110.1088772238.squirrel@webmail.pulsesol.com>

On Fri, 2 Jul 2004 13:43:58 +0100 (BST), Antony <antony@antgel.co.uk> wrote:

> 1) Set up an email server on the router that relays all mail to the
> private server.2) Port forward (DNAT) port 25 to the private server.
> 
> I don't like port forwarding, as it's always seemed like a kind of bodge,
> but (2) is quicker and easier to setup.  Does (2) have any practical
> negative implications from a security point of view, and does anyone have
> any general views on which solution is better?

Generally speaking, I'd always go for the simplest solution (2).  If
port forwarding seems like a kind of bodge, NAT is the same kind of
bodge.

I don't know the security issues, but I'd rather have my router route
(and in this case masquerade addresses) and not do much else.

Reply to:

References:
- Port forwarding on a NAT firewall
  - From: "Antony" <antony@antgel.co.uk>

Prev by Date: Re: keyboard (console?) problem
Next by Date: Re: Boot to console
Previous by thread: Port forwarding on a NAT firewall
Next by thread: Re: Port forwarding on a NAT firewall
Index(es):
- Date
- Thread