[UNCLASSIFIED]RE: [clug] IPCop problem

McClure, Mike mike.mcclure at rosslogic.com
Wed Oct 5 03:35:26 GMT 2005 

Do you have to have REAL IP#s on your internal network?

I use 10.x.x.x on my internal, and real IP#s on the DMZ/external link and
NAT the rest.

Mike 

> -----Original Message-----
> From: Younger, Ray MR [mailto:Ray.Younger at defence.gov.au] 
> Sent: Wednesday, 5 October 2005 1:29 PM
> To: Antti.Roppola at brs.gov.au; McClure, Mike; linux at lists.samba.org
> Subject: RE: [UNCLASSIFIED]RE: [clug] IPCop problem
> 
> Mike,
> 
> I only wanted a second IP address from my ISP and they 
> provided me a subnet4.
> I have the PC in my DMZ on the subnet and use it as an 
> Asterisk server for VOIP.
> The web server I believed could be set up on the private 
> network and port 80 Just Natted to it.
> I believe my only other option is to by a bigger subnet and 
> put all the subnet addresses to the DMZ.
> 
> Antti,
> 
> I want port 80 (http) from external(internet) to a web server 
> on the trusted network.
> I can already get access for my phones on the trusted to the dmz.
> 
> 
> Regards
> Ray
> 
> 
> -----Original Message-----
> From: Antti.Roppola at brs.gov.au [mailto:Antti.Roppola at brs.gov.au]
> Sent: Wednesday, 5 October 2005 13:17
> To: mike.mcclure at rosslogic.com; linux at lists.samba.org
> Cc: Younger, Ray MR
> Subject: [UNCLASSIFIED]RE: [clug] IPCop problem
> 
> 
> Ray,
> 
> Somewhere in the IPCop web site is a table that describes
> this behaviour and why it is set up that way. AFAIK, it is possible to
> let the DMZ initiate connections into your trusted network, 
> but doing so
> is initentionally made difficult.
> 
> Antti 
> 
> -----Original Message-----
> From: linux-bounces+antti.roppola=brs.gov.au at lists.samba.org
> [mailto:linux-bounces+antti.roppola=brs.gov.au at lists.samba.org] On
> Behalf Of McClure, Mike
> Sent: Wednesday, 5 October 2005 9:14 AM
> To: 'linux at lists.samba.org'
> Subject: RE: [clug] IPCop problem
> 
> Ray,
> 
> Are you trying to connect to your web server (on the green 
> network) from
> the orange network?
> 
> Things in your DMZ are forbidden from initiating connections to the
> IPCop box and (IIRC) to your green or blue networks.
> 
> Just out of curioisity, whyfore are you putting your webserver in your
> private network not your DMZ?
> 
> Mike(y) 
> 
> --------------------------------------------------------------
> -------- 
> IMPORTANT - This message has been issued by The Department of
> Agriculture, Fisheries and Forestry (DAFF).  The information 
> transmitted
> is for the use of the intended recipient only and may contain
> confidential and/or legally privileged material.  It is your
> responsibility to check any attachments for viruses and defects before
> opening or sending them on.  
> Any reproduction, publication, communication, re-transmission,
> disclosure, dissemination or other use of the information contained in
> this e-mail by persons or entities other than the intended 
> recipient is
> prohibited.  The taking of any action in reliance upon this 
> information
> by persons or entities other than the intended recipient is 
> prohibited.
> If you have received this e-mail in error please notify the sender and
> delete all copies of this transmission together with any attachments.
> If you have received this e-mail as part of a valid mailing 
> list and no
> longer want to receive a message such as this one advise the sender by
> return e-mail accordingly.  Only e-mail correspondence which includes
> this footer, has been authorised by DAFF 
> ----------------------------------------------------------------------
> 

The information contained in this email and any attachments to it:
 
(a) may be confidential and if you are not the intended recipient, any interference with, 
use, disclosure or copying of this material is unauthorised and prohibited; and
 
(b) may contain personal information of the recipient and/or the sender as defined
 under the Privacy Act 1988 (Cth). Consent is hereby given by the recipient(s) to 
collect, hold and use such information and any personal information contained in a 
response to this email, for any reasonable purpose in the ordinary course of 
Ross Human Directions Limited  business (including all of it’s subsidiaries), including 
forwarding this email internally or disclosing it to a third party. 
All personal information collected by Ross Human Directions Limited will be handled in 
accordance with Ross Human Directions Limited Privacy Policy. If you have received this 
email in error, please notify the sender and delete it. 

(c) you agree not to employ or arrange employment for any candidate(s) supplied in 
this email and any attachments without first entering into a contractual agreement with 
Ross Human Directions Limited. You further agree not to divulge any information contained 
in this document to any person(s) or entities without the express permission of 
Ross Human Directions Limited.

More information about the linux mailing list