Natted IP open access

S

smoke187

Active Member
Joined
Mar 23, 2009
Messages
43
Hi Peeps

I'm having a bit of an issue trying to setup a Natted IP so that we can access an internal webpage over the internet. What I have been requested to do is to setup a natted IP for 1 server which already has a natted IP for a certain webpage on our internal and external network. To try and explain this a bit more simple, we have 1 server which has 2 applications that have their own web interface and the 1 app has already been setup by my previous sys admin and now they want me to setup the 2nd app to run off the same server with a natted IP so that we can access the 2nd apps web interface over the internet from any internet connection.

My question is, can I use the original NAT eg:- 196.0.0.1 for the 2nd app as well and how do I point it so that it opens up the correct applications web interface. the first apps web page is http://reports.xxx.co.za and the seconds apps page needs to be http://sdesk.xxx.co.za and that needs to be on the same server with the same NAT
 
S

skaapgif

Member
Joined
Aug 16, 2007
Messages
22
Hi Smoke187,

Your question isn't entirely clear which gives me the idea you are in a bit over your head?

Let's call the server with NAT'd IP the gateway. This computer is the one connecting the internet with your local lan. If users click on http://reports.xxx.co.za or http://sdesk.xxx.co.za they will be directed to the internet ip of the gateway. The gateway then has to decide what to do with these packets it receives. It can either block them, pass it to an application on the gateway itself, or forward it to another server.

It sounds to me the latter is what you would like to do. The type of action the gateway would take depends on the port or port range on which the packet was received. Typing www.google.com in your browser actually takes you to google's ip address and port 80. At the moment it seems like your gateway is set to forward all packets received on port 80 to application 1. If you want to use the same gateway internet address for the second application the gateway would have to forward a different port (say for instance port 81). This would mean typing sdesk.xxx.co.za won't take you anywhere, but typing sdesk.xxx.co.za:81 would send you to application 2.

It is also possible that these applications are both hosted on the gateway server, in that case you would use virtual hosts to identify the application based on the hostname (if this is the case see the documentation of your web server) for apache: http://httpd.apache.org/docs/1.3/vhosts/

Hope this helps,
 
S

smoke187

Active Member
Joined
Mar 23, 2009
Messages
43
skaapgif said:
Hi Smoke187,

Your question isn't entirely clear which gives me the idea you are in a bit over your head?

Let's call the server with NAT'd IP the gateway. This computer is the one connecting the internet with your local lan. If users click on http://reports.xxx.co.za or http://sdesk.xxx.co.za they will be directed to the internet ip of the gateway. The gateway then has to decide what to do with these packets it receives. It can either block them, pass it to an application on the gateway itself, or forward it to another server.

It sounds to me the latter is what you would like to do. The type of action the gateway would take depends on the port or port range on which the packet was received. Typing www.google.com in your browser actually takes you to google's ip address and port 80. At the moment it seems like your gateway is set to forward all packets received on port 80 to application 1. If you want to use the same gateway internet address for the second application the gateway would have to forward a different port (say for instance port 81). This would mean typing sdesk.xxx.co.za won't take you anywhere, but typing sdesk.xxx.co.za:81 would send you to application 2.

It is also possible that these applications are both hosted on the gateway server, in that case you would use virtual hosts to identify the application based on the hostname (if this is the case see the documentation of your web server) for apache: http://httpd.apache.org/docs/1.3/vhosts/

Hope this helps,
Click to expand...

You have actually simplified that for me. I am hosting both services on the same server 192.0.0.1 and that passes my gateway server 192.0.0.2. when I do an nslookup on the current web name http://reports.xxx.co.za it gives me the gateway servers IP and then the natted IP. Now what I am trying to do is access http://sdesk.xxx.co.za:8080 on the same natted IP lets say its 172.0.0.25.
Is it possible to run both sites of the same natted IP and would I need to create a policy on my firewall for this and how would I go about setting this up on my webmin server?

Also taking note that this is on a windows Server 2003 machine.

I really appreciate you taking the time to respond to my dilema and yes I am a bit over my head with this, as it is the first time my boss has requested me to do this and also the first time that I am even attempting to work with our web server.
 
I

ivusi

Active Member
Joined
Mar 23, 2010
Messages
69
The thing is, can you internally access the web applications using the respective http addresses if you add them into your hosts file? ie
/etc/drivers/hosts
172.16.60.1 www.pingpong.com
172.16.60.1 www.tabletennis.com

If you add those is, then access them via your browser, does the correct pages show up? If so great, then your natting will work with one single public IP address and one single private address. All you have to make sure is that your DNS records at your ISP end are pointing to the same public address. The web server will take care of what pages are displayed.
 
You must log in or register to reply here.
Top