httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeff Cohen" <supp...@gej-it.com>
Subject RE: [users@httpd] Virtual Host / Firewall Configuration
Date Thu, 15 May 2003 00:28:27 GMT
How many external IPs do you have?

Jeff Cohen
Jeff@GEJ-IT.com
Tel. (416) 917-2324
www.GEJ-IT.com
GEJ-IT Networks!

> -----Original Message-----
> From: Robert Gormley [mailto:robert@seabreeze.asn.au]
> Sent: Wednesday, May 14, 2003 8:11 PM
> To: users@httpd.apache.org
> Subject: [users@httpd] Virtual Host / Firewall Configuration
> 
> Hi,
> 
> I have an issue that is causing me no end of headache.
> 
> An Apache server (192.168.1.1) sitting behind a PIX firewall. The PIX
> firewall takes requests for the external IP address of the server
> (a.b.c.d) and NAT translates them. By this method, the server has no
> idea of its external IP address (although it is static and used only for
> it). I don't have any able to change this in the firewall (well, not
> administratively).
> 
> My issue is that the server gets confused. Any virtual host which is
> referenced by an internal DNS entry - pointing to 192.168.1.1 works
> fine, with the appropriate site displayed, however, any external user
> gets the first internal site listed, regardless of which external site
> was requested. I believe this might be because of the NAT translation(?)
> causing Apache to think it's getting requests for the internal IP.
> 
> So I tried something else in my httpd.conf:
> 
> NameVirtualHost 192.168.1.1
> NameVirtualHost a.b.c.d
> 
> <VirtualHost 192.168.1.1>
> 	...
> 	ServerName internal.site.a
> 	...
> </VirtualHost>
> 
> <VirtualHost 192.168.1.1
> 	...
> 	ServerName internal.site.b
> 	...
> </VirtualHost>
> 
> <VirtualHost a.b.c.d>
> 	...
> 	ServerName external.site.a
> 	...
> </VirtualHost>
> 
> <VirtualHost a.b.c.d>
> 	...
> 	ServerName external.site.b
> 	...
> </VirtualHost>
> 
> 
> And still, the same. Internal Sites A and B work for internal users, as
> expected, but any request for External Site A or B from an external user
> (due to the firewall, internal users cannot request 'external sites'),
> is responded to with Internal Site A.
> 
> Any suggestions would be greatly appreciated.
> 
> Robert
> 
> 
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message