Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: akhilmathema on November 13, 2007, 06:30:01 AM
-
Hi,
I've one of my system running as a LAN gateway, where I've configured transparent proxy for a LAN. Now I've another box acting as a web-server and I configured a port forward. All the configs (for squid and masq) seems to be fine but no one is able to access a web-site.
Since port forwarding to port 80 is overlapped with transparent proxy, it seems to stop working. Is there anyway such that I can use both of them together?
Cheers,
Akhil
-
If you're describing a situation like this:
RemoteUser
|
Internet
|
SME1
/ \
Web LocalUser
then PortForwarding should work to allow RemoteUser to access Web, but will not work for LocalUser as SME does not do reflexive NAT (a term I just made up to describe a system that uses source NAT to reflect packets back onto the same network segment they came from)
If you need LocalUser to get to Web, you could try configuring 'Proxy Pass' on SME1 as described in http://wiki.contribs.org/SME_Server:Documentation:FAQ#Proxy_Pass
If you're describing this: RemoteUser
|
Internet
/ \
SME1 Web
|
LocalUser
then LocalUser will not be able to get directly to Web on port 80 by default.
Your options are:
* Bind Web to a second port and tell your LocalUser to use that port number (as http://Web:81)
* Try setting up Proxy Pass (see link above)
* Configure 'BypassProxyTo' as described here: http://wiki.contribs.org/Firewall#Bypass_Proxy.
-
Since port forwarding to port 80 is overlapped with transparent proxy, it seems to stop working.
Port forwarding works on inbound connections and transparent proxy works only on traffic coming from LAN.
-
If you need LocalUser to get to Web, you could try configuring 'Proxy Pass' on SME1 as described in http://wiki.contribs.org/SME_Server:Documentation:FAQ#Proxy_Pass
ProxyPass is not required for local users if the SME server is managing local DNS for the domain in question.