Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: toothandnail on July 08, 2008, 05:41:53 PM
-
I hope this isn't a really dumb question, but I've had a look through the documentation, hunted the forum and had a quick look at the bug tracker, can't find what I need....
I have a system with two SME boxes. One is a server/gatway, the other a server. The second machine is intended mainly as a file server for the local network, but I do want to make the contents of one ibay on it available from the internet. Trouble is, I have no idea how to access it.
I have set up a hostname on the server/gateway machine pointing to the server's ip, so the system now has two servers - golide.mydomain.co.uk and pandora.mydomain.co.uk. I have set the ibay in question to be accessible without password from the local network, and with password from the internet. However, I don't really know how to address the ibay. I've tried all the variations I can think of (http://mydomain.co.uk/pandora/ibayname, http://mydomain.co.uk/ibayname), but I'm getting 404s no matter what variation I try.
Can anyone tell me how I should be going about accessing the ibay through the main server?
On a related topic, I have an ibay on the gateway machine which has been set for full interent access without password. I can access it via http - http://mydomain.co.uk/brillcomp works fine. I tried adding a redirect from it to the ibay on the internal server, which works from the local network, but gets me a 404 when tried from the interent. Again, can anyone tell me what the format of a redirect of that sort should be?
paul.
-
Did you try http://pandora.mydomain.co.uk ? (I think pandora is the server-only machine?) AFAIK that should get you to the primary ibay on the server-only machine. So try http://pandora.mydomain.co.uk/ibayname for access to the ibay in question.
-
Did you try http://pandora.mydomain.co.uk ? (I think pandora is the server-only machine?) AFAIK that should get you to the primary ibay on the server-only machine. So try http://pandora.mydomain.co.uk/ibayname for access to the ibay in question.
Thanks for the suggestion. No, didn't think of that variation. But I've just tried http://pandora.mydomain.co.uk (with and without the ibayname). Both give me an address not found - "the browser could not find the host server for the provided address".
I've set things up so that I can access both servers remotely (ssh to goldie, which is the gateway box, then ssh from goldie to pandora). Both machines are up and running, and I can access ibays on the gateway machine (I set up a password protected ibay to allow access to SARG reports, since they seem to require an admin login if accessed from server-manager).
I'm at a loss. The hostname seems to be correctly registered with the gateway machine, and I was able to use this as a redirect from the gateway machine to the server-only box:
<a href="http://pandora.mydomain.co.uk/utils">File Area</a>
That worked when I was attached to the local network, but doesn't work from remote. I was going to try ftp, but I've currently got ftp disabled globally, so unless I turn that on, I can't currently test ftp access. I may try enabling it, just to see if that works...
paul.
-
Maybe it has to do with the tcp port 80 (for http) not being forwarded to pandora. Unfortunately I can't test it at the moment and I think my guesses are not that much of a help right now :(
But my guess was that it is working from the local network because the port is open to the local environment.
-
Maybe it has to do with the tcp port 80 (for http) not being forwarded to pandora. Unfortunately I can't test it at the moment and I think my guesses are not that much of a help right now :(
But my guess was that it is working from the local network because the port is open to the local environment.
Thanks for the suggestion. Looking at the options in Server-Manager, it looks as though forwarding works to poke holes in the firewall rather than anything else. I would also have thought that if I could forward port 80 to the internal server it might affect the gateway's ability to handle htpp requests, but that may be due to my limited understanding of how NAT works....
I tried bouncing the gateway server after seeing that, even though I had entered the new server in the hostnames section of Server Manger, /etc/hosts carried no mention of it. Pity - the machine didn't come back up properly, so I've only just been able to get back in. Still can't access anything on the internal server, and /etc/hosts on the gateway machine still has no mention of the internal server.
I hope someone has an idea of what I'm doing wrong - this is getting frustrating....
paul.
-
Thanks for the suggestion. Looking at the options in Server-Manager, it looks as though forwarding works to poke holes in the firewall rather than anything else.
I don't know what else you might have expected, but port forwarding does work by both poking holes in the firewall and redirecting incoming traffic to a new address in your internal LAN.
I would also have thought that if I could forward port 80 to the internal server it might affect the gateway's ability to handle htpp requests, but that may be due to my limited understanding of how NAT works....
No, port 80 traffic can only go one place. If you forward it, it will go to a different destination, and the web server on the gateway will no longer see it.
... and /etc/hosts on the gateway machine still has no mention of the internal server.
I don't know why you might have expected that.
-
No, port 80 traffic can only go one place. If you forward it, it will go to a different destination, and the web server on the gateway will no longer see it.
Ok, that was what I thought.
So the question remains - what do I need to do to get access to ibays on an internal server from the internet as a whole? So far as I can see, I've got everything set up correctly. Is there something else I should be doing, or is SME simply not able to provide access to the internal server?
paul.
-
toothandnail
proxy pass is one way
search the FAQ
Also consider setting up hostnames on server 1 that point to server 2
The way you do it depends on what exactly you are trying to achieve
-
toothandnail
proxy pass is one way
search the FAQ
Thanks. Missed that on my original search.
Also consider setting up hostnames on server 1 that point to server 2
The way you do it depends on what exactly you are trying to achieve
I've already set up a hostname on the gateway machine pointing to the internal server. I had expected that would be all I would need, but even with it in place, I've been unable to access any of the internal server's resources from the internet. Still looking to do that...
paul.
-
toothandnail
I've been unable to access any of the internal server's resources from the internet. Still looking to do that...
Answered already, but as you don't seem to get it, see
http://wiki.contribs.org/SME_Server:Documentation:FAQ#Proxy_Pass