l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
August 5: Social gathering
Next Installfest:
TBD
Latest News:
Jul. 4: July, August and September: Security, Photography and Programming for Kids
Page last updated:
2001 Dec 30 17:04

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Trying to understand my own WAN
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Trying to understand my own WAN


  • Subject: Re: [vox-tech] Trying to understand my own WAN
  • From: "Jay Strauss" <jjMAPSstrauss@yahoo.com>
  • Date: Mon, 07 May 2001 08:23:17 -0700
  • References: 001301c0d66d$f7728230$0201a8c0@roscoe

Maybe I'd be better off saying what I want to do (rather than what I have),
and you guys can direct me in the approach.

I want to have a secure network, where I'll have a DMZ and an Internal LAN.
I want to be able to run X apps from:

Internal LAN --> DMZ
Home --> DMZ server
Home --> Internal LAN servers

What pieces of hardware do I need?  What software?  How are they arranged?

Jay

----- Original Message -----
From: "Jay Strauss" <jjstrauss@yahoo.com>
To: "vox-tech" <vox-tech@lugod.org>
Sent: Sunday, May 06, 2001 3:48 PM
Subject: [vox-tech] Trying to understand my own WAN


> I apologize right off the bat that this is long.
>
> I'm trying to figure out how to manage servers at the office from both my
> home and work.
>
> Firstly, let me describe some of the setup.  I have static IPs at both my
> office and home. Both setups are identical from a hardware perspective:
>
> LRP - Linux Router, performs firewalling, DHCP
>
> linksys routers, are SOHO (Small Office/Home Office) firewalls that also
> have a builtin hub/switch on the internal side (i.e. so you can hook it up
> to your DSL then hang 5 PCs off the back), It performs
> NAT/DHCP/Portforwarding.
>
> My network looks like so:
>
>         ------------------Internet---------------
>         |                                        |
> DSL Modem                                DSL Modem
>         |                                        |
>         |                                        |
>         64.92.x.x                                216.233.x.x
> Linksys Router/Firewall                  Linksys Router/Firewall
>         192.168.5.254                            192.168.5.254
>         |                                        |
>         |                                        |
>         192.168.5.253                            192.168.5.253
> LRP (Eigerstein)                         LRP (Eigerstein)
>         192.168.1.254                            192.168.1.254
>         |                                        |
>         |                                        |
> Internal LAN                                Internal LAN
>
>       (HOME)                                  (OFFICE)
>
>
> My DMZ or at least what I think is my DMZ, is the area behind my linksys,
> and in front of my LRP.  At the office I run a 2 RH6.2 machines, one with
> Apache the other with Oracle in my DMZ.
>
> I'd like to be able to manage the servers in my DMZ from both Home and the
> internal LAN at my office (i.e. like to be able to start an Xterm session
on
> my RH(1) and tell it to send the display to my machine at home or the
> Internal LAN at work).
>
> I don't really get how I do this securely (I don't want to run telnet,
FTP).
> I'll start with the easy side
>
> Trying to do Xterm from the internal LAN:
>     I figure I have to run an SSH (openSSH) server somewhere inside my
DMZ.
>     My LRP box will let me SSH to the DMZ - i.e. it will let all outbound
> packets thru
>     I don't get how I allow X to send its display from the DMZ to the
> Internal LAN
>         thru the LRP?  I don't think I portforward, I think I have to open
a
> hole in the LRP
>         for SSH connections - Is this right?
>
> Now for the hard part, I want to manage my oracle server from home
>     I SSH to my ssh server in the DMZ
>     Then I have to SSH from the SSH server to the oracle server?
>     Then I start my start xterm and tell it to send the display home?
>     Once the packet get home, How do my commands make it back to the
oracle
> server?  The Linksys will portforward SSH to
>         the SSH server not the oracle Server.
>     How are my packets even going to make it home - won't my firewall and
> LRP box at home going to block them?
>
> Feel free to rearrange any and all components/hardware, if I've got this
> totally setup wrong
>
> Thanks
> Jay
>
>
>
>
> _________________________________________________________
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!