[CentOS] firewall dilemma
JC
hiep at ee.ucr.eduWed Nov 2 14:53:54 UTC 2005
- Previous message: [CentOS] grub booting from software raid problem
- Next message: [CentOS] firewall dilemma
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi everyone, I have this problem that I'm not sure what's the best solution for it. I need your input & help... I have an internal network behind a hardware firewall. All traffics go thru. the firewall. One of the firewall's rules is that it doesn't allow internal network accesses internal resources that travels outside then come back. In the other words, it drops all packets originate from inside the network that travels outside and then come back to access internal resources. For example: I have web server (used internal ip 10.1.1.10) behind the firewall, internal network can access this web server with http://10.1.1.10, but they can't access http://www.mydomain.com. Assume that I have static IP (xxx.xxx.xxx.xxx) maps to 10.1.1.10 and dns record www.mydomain.com points to xxx.xxx.xxx.xxx What I want is to allow users inside the network be able to access http://www.mydomain.com instead of http://10.1.1.10 Here is my question: should I change the rule of the firewall? If so, is there a security risk? Is there any other solution for this? By the way, I don't have an internal DNS, I use my ISP DNS service. Thank you so much for your help, JC
- Previous message: [CentOS] grub booting from software raid problem
- Next message: [CentOS] firewall dilemma
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list