[ previous ] [ next ] [ threads ]
 
 From:  Alex Neuman van der Hans <alex at nkpanama dot com>
 To:  KnightMB <knightmb at knightmb dot dyndns dot org>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] opening ports for entire network
 Date:  Sat, 25 Feb 2006 22:52:25 -0500 
That's why I mentioned he needs to go back and read up a little more on 
TCP/IP, NAT, routing, internal vs. external nets, etc.

That and http://www.catb.org/~esr/faqs/smart-questions.html

KnightMB wrote:
> Do you mean from the WAN to the LAN port 21 or do you mean everyone 
> can go outbound Port 21 to the Internet?
>
> If you are trying to host many machine services on port 21 behind the 
> WAN, m0n0wall allows port redirection through the NAT rules.  So you 
> could map port 65001 to port 21 on one computer, port 65002 to port 21 
> on another computer, etc.
>
> The name resolution of the DNS Forwarder only works for the LAN.  This 
> is useful in getting around the "can't get to NAT WAN service from 
> LAN" issue I often see listed.  As far as using it to resolve those to 
> different ports on the WAN or LAN, name resolution only does IP, not 
> the port number, so you would not be able to use the DNS forwarder in 
> that way.
>
> As it stands, you don't need to run the same service on a different 
> port number for every machine.
>
> Thanks,
> Michael
>
> Nick Smith wrote:
>> is there a way to open say port 21 for my entire network, not just
>> machine? then if i do ssh computer1.domain.com or computer2.domain.com
>> it will actually go to each machine? as it stands now it seems i can
>> only open the port per ip, so unless i run ssh on different ports on
>> all the different machines which would be a real pain, now i have to
>> ssh into computer1.domain.com and then from computer1 ssh into
>> computer2.  is it possible to open it up for the entire network and
>> use host name resolution via the dns forwarder in the m0n0wall?
>>
>> thanks
>>
>> Nick
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>   
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch

-- 

Alex Neuman van der Hans
N&K Technology Consultants
Tel. +507 214-9002 - http://nkpanama.com/