httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Gormley" <rob...@seabreeze.asn.au>
Subject RE: [users@httpd] Virtual Host / Firewall Configuration
Date Thu, 15 May 2003 00:35:17 GMT
There's just one external IP, and there's a 1-to-1 correlation (I can't
possibly imagine why it's NATted, other than someone's uninformed
attempt to make the system multihomed.

To clarify, one external IP, a.b.c.d, one internal IP, 192.168.1.1, it's
just that the system has no knowledge or concept of its external IP
address.

Thanks,

Robert

-----Original Message-----
From: Jeff Cohen [mailto:support@gej-it.com] 
Sent: Thursday, 15 May 2003 10:28 AM
To: users@httpd.apache.org
Subject: RE: [users@httpd] Virtual Host / Firewall Configuration

How many external IPs do you have?

Jeff Cohen
Jeff@GEJ-IT.com
Tel. (416) 917-2324
www.GEJ-IT.com
GEJ-IT Networks!

> -----Original Message-----
> From: Robert Gormley [mailto:robert@seabreeze.asn.au]
> Sent: Wednesday, May 14, 2003 8:11 PM
> To: users@httpd.apache.org
> Subject: [users@httpd] Virtual Host / Firewall Configuration
> 
> Hi,
> 
> I have an issue that is causing me no end of headache.
> 
> An Apache server (192.168.1.1) sitting behind a PIX firewall. The PIX
> firewall takes requests for the external IP address of the server
> (a.b.c.d) and NAT translates them. By this method, the server has no
> idea of its external IP address (although it is static and used only
for
> it). I don't have any able to change this in the firewall (well, not
> administratively).
> 
> My issue is that the server gets confused. Any virtual host which is
> referenced by an internal DNS entry - pointing to 192.168.1.1 works
> fine, with the appropriate site displayed, however, any external user
> gets the first internal site listed, regardless of which external site
> was requested. I believe this might be because of the NAT
translation(?)
> causing Apache to think it's getting requests for the internal IP.
> 
> So I tried something else in my httpd.conf:
> 
> NameVirtualHost 192.168.1.1
> NameVirtualHost a.b.c.d
> 
> <VirtualHost 192.168.1.1>
> 	...
> 	ServerName internal.site.a
> 	...
> </VirtualHost>
> 
> <VirtualHost 192.168.1.1
> 	...
> 	ServerName internal.site.b
> 	...
> </VirtualHost>
> 
> <VirtualHost a.b.c.d>
> 	...
> 	ServerName external.site.a
> 	...
> </VirtualHost>
> 
> <VirtualHost a.b.c.d>
> 	...
> 	ServerName external.site.b
> 	...
> </VirtualHost>
> 
> 
> And still, the same. Internal Sites A and B work for internal users,
as
> expected, but any request for External Site A or B from an external
user
> (due to the firewall, internal users cannot request 'external sites'),
> is responded to with Internal Site A.
> 
> Any suggestions would be greatly appreciated.
> 
> Robert
> 
> 
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org





---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message