DMZ with SME server.
Lisa Kachold
lisakachold at obnosis.com
Sun May 24 12:09:05 MST 2009
Hi Matthew:
On Sun, May 24, 2009 at 9:16 AM, Matthew A Coulliette <matthewlug at cox.net>wrote:
> Hi everyone,
>
> I have drawn and attached a flow chart of my computer network. I used
> openoffice.org-draw. Conventions I used in drawing the diagram:
> (computer name), and [description].
>
> Status: Green and Red zones are currently working. Blue and Orange
> zones are currently not working.
>
> My target for this email is to get help with setting up the DMZ and the
> SME server.
>
> Eventually, I will need the computers on the green zone to have access
> to the web page provided by my web server, and I would like to backup
> the SME server hdd to my data server once per week.
>
> The goal of the network is to have a 4 zone IPCop Firewall/Router. A
> green local network with workstations and a data server. A blue
> wireless network for laptop access to the green network. An orange DMZ
> for the SME/WEB server, and red would be the www.
>
> IPCop Manual: "When you set up your server, you can
> choose the receiving or “listening” ports..." Once those receiving
> ports are ready, you are ready to enter information into the AW on
> IPCop." How do I set up the listening ports on SME server? Can I
> set this up during the installation of SME server?
>
> I have entered info into the AW on IPCop. I forwarded port 80 from the
> red ip (98.172.82.XXX) to port 80 on the SME ip (192.168.2.2) in the
> IPCop web admin page.
>
> SME server manual: it describes the difference between a routable and
> non-routable ip address. I am not sure which one I am using. I believe
> that I am using a non-routable ip address. Can someone tell me what the
> IP address for my SME server should be, in order for it to be routable?
>
> SME server manual: "Some ISPs block outgoing HTTP connections, forcing
> you to use their proxy server. This interferes in a few minor ways with
> your server (e.g., the test for Internet connectivity will fail
> erroneously)." My test for Internet connectivity always fails.
> "However, using the ISP's proxy server will normally work fine." I
> believe that I have this problem. Will the COX proxy server work in my
> situation? How can I find out about the COX proxy server? Call them?
Cox does not allow incoming port 80 connections; you must use a URI
forwarder like DYNDNS.org or publish your URL via
http://$dynamicip:8008/index.html
using the unique port of 8008 for instance. Apache or any web server can be
configured to run on a non-standard port.
Of particular note, Cox also does not, by their Acceptable Use agreement,
that we all contracted to abide by, allow "servers". If they notice you
have a great many inbound packets for servers, they will set the dhcp lease
at one day. Be warned, you are treading a grey--> red line here.
>
>
> SME server manual: Does COX publish the DNS address records,
> (information associated with the name of my web server), allowing other
> DNS servers to lookup my domain information?
>
> Many thanks in advance for your replies and advice. - MatthewMPP
>
> Your domain name must be registered and primary NS records exist with a
primary NS authorityt (see whois information) to include an A entry for your
web server that matches the dynamic dhcp address issued by Cox. Scripts and
software clients exist for dynamic dns that will automatically update your
dns record when the lease expires and the ip changes.
FreeDNS, UltraDNS, dyndns.org all can do this, for varying fees in various
ways.
--
www.obnosis.com (503)754-4452
"Contradictions do not exist." A. Rand
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20090524/1182ea59/attachment.htm
More information about the PLUG-discuss
mailing list