Help with NAT

Dear Guru,

I have an IIS server that I would like to put behind a linux firewall
but I cannot seem to get this to work. In an attempt to simply get
this to work, I have downloaded and installed Webmin so any help with
it or the real config files will work. I have already used squid to
do port accel(reverse proxy) but unfortunaltly it seems squid will not
forward SSL encrypted requests so I am trying to use NAT to forward
port 443 requests to the appropriate internal server. I know I need
to have IP_Forwarding turned on but am not sure how to configure the
routing table. I have a NAT rule established to PREROUTE all requests
comming from port 443 to the internal ip and port. How do I set up
the routing table and is there anything else I need to configure?

Thank you for any help!!!

-JJ

You want a preroute rule to forward any packets going TO port 443, not
FROM. These packets could have a source port that is fairly random and
somewhere in the thousands(don't recal what range it uses off hand). As
long as you can ping the apache server from the router, and the router
has a default gateway,(check with route command, set with 'route add
default gateway ip-of-isp's-router') it should be fine. As long as there
isn't a second router between the firewall and the apache server(i'm
sure you would have mentioned such a thing) the entry for that network
will be in the routing table.
Also check iptables -L to make sure the rule is active.

Matt
Jimmy Jam wrote:
> Dear Guru,
>
> I have an IIS server that I would like to put behind a linux firewall
> but I cannot seem to get this to work. In an attempt to simply get
> this to work, I have downloaded and installed Webmin so any help with
> it or the real config files will work. I have already used squid to
> do port accel(reverse proxy) but unfortunaltly it seems squid will not
> forward SSL encrypted requests so I am trying to use NAT to forward
> port 443 requests to the appropriate internal server. I know I need
> to have IP_Forwarding turned on but am not sure how to configure the
> routing table. I have a NAT rule established to PREROUTE all requests
> comming from port 443 to the internal ip and port. How do I set up
> the routing table and is there anything else I need to configure?
>
> Thank you for any help!!!
>
> -JJ

What IIS services do you plan to use?

https://s.microsoft.com/technet/tree...g_sec_xria.asp

If you are using exchange server there are a lot more you have to worry
about

http://support.microsoft.com/?kbid=278339

user

"Jimmy Jam" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) m...
> Dear Guru,
>
> I have an IIS server that I would like to put behind a linux firewall
> but I cannot seem to get this to work. In an attempt to simply get
> this to work, I have downloaded and installed Webmin so any help with
> it or the real config files will work. I have already used squid to
> do port accel(reverse proxy) but unfortunaltly it seems squid will not
> forward SSL encrypted requests so I am trying to use NAT to forward
> port 443 requests to the appropriate internal server. I know I need
> to have IP_Forwarding turned on but am not sure how to configure the
> routing table. I have a NAT rule established to PREROUTE all requests
> comming from port 443 to the internal ip and port. How do I set up
> the routing table and is there anything else I need to configure?
>
> Thank you for any help!!!
>
> -JJ