[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] Help with iptables



Almquist Burke wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



I'll try and draw a ASCII diagram, try being the word :-)

Thinclients 10.0.0.x
         |
         |
      Server 10.0.0.1
             192.168.0.100
         |
         |
MAIN NETWORK (All servers on 192.168.0.x/16 - Proxy 192.168.0.80:8080
         |
         |
      Firewall (Green Network - 192.168.0.2)
          (Orange DMZ - 172.16.0.x)
          (Red - 212.219.x.x)
         |
         |
       CISCO to Internet


Do people directly on the main network have to go through the proxy too?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)

iEYEARECAAYFAklB6DMACgkQxWV7OPa/g5HCdwCgilUOn/3u8jr29lrlphBDVeOV
8ZEAnjcIkZ9kuEYSQ1qXnP4OfzLjFffI
=xob4
-----END PGP SIGNATURE-----

_______________________________________________
K12OSN mailing list
K12OSN redhat com
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>

Yes but they're all Windows boxes so they're sorted by the firewall blocking them direct access, the problem is that the firewall see the traffic coming from the ip address of the thinclient server 192.168.0.100 NOT the thinclients. I could block ALL internet traffic from the thinclient server @ the firewall but don't really want to do that.

Brian

------------------------------------------------------------------------------------------------
   The views expressed here are my own and not necessarily

the views of Portsmouth College
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]