[ previous ] [ next ] [ threads ]
 
 From:  KnightMB <knightmb at knightmb dot dyndns dot org>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] opening ports for entire network
 Date:  Sat, 25 Feb 2006 21:18:59 -0600
Do you mean from the WAN to the LAN port 21 or do you mean everyone can 
go outbound Port 21 to the Internet?

If you are trying to host many machine services on port 21 behind the 
WAN, m0n0wall allows port redirection through the NAT rules.  So you 
could map port 65001 to port 21 on one computer, port 65002 to port 21 
on another computer, etc.

The name resolution of the DNS Forwarder only works for the LAN.  This 
is useful in getting around the "can't get to NAT WAN service from LAN" 
issue I often see listed.  As far as using it to resolve those to 
different ports on the WAN or LAN, name resolution only does IP, not the 
port number, so you would not be able to use the DNS forwarder in that way.

As it stands, you don't need to run the same service on a different port 
number for every machine.

Thanks,
Michael

Nick Smith wrote:
> is there a way to open say port 21 for my entire network, not just
> machine? then if i do ssh computer1.domain.com or computer2.domain.com
> it will actually go to each machine? as it stands now it seems i can
> only open the port per ip, so unless i run ssh on different ports on
> all the different machines which would be a real pain, now i have to
> ssh into computer1.domain.com and then from computer1 ssh into
> computer2.  is it possible to open it up for the entire network and
> use host name resolution via the dns forwarder in the m0n0wall?
>
> thanks
>
> Nick
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>