Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » ask - IP/Port forwarding
  •  
no_name

Messages: 51
Karma: 1
Send a private message to this user
Hi there,

need help / advice here, please.

I've read http://forums.kerio.com/t/9043/port-forwarding, this working for one public IP address.

But, If I have two IP public address, can I:
- I use 1st IP for network configuration,
- 2nd IP used for certain application, so that application can be accessed from outside world?

thanks in advance
  •  
silars

Messages: 429
Karma: 59
Send a private message to this user
Are the two public IP addresses on the same interface, or different interfaces?

I'm not sure that makes much difference, though. I certainly have used two different public IP addresses and bound applications to them. The trick is managing how users get to the proper interface. In my case, I used dynamic DNS services since the IPs were also from a DHCP pool. If yours are static, you have it much easier.

What could be problematic would be if you have two dynamic public IPs. The dynamic DNS services I have used don't seem to like that on the same device. You may need to front-end the Control device with two simple NAT boxes that provide that function.
  •  
no_name

Messages: 51
Karma: 1
Send a private message to this user
Hi,
yes, two public IP on the same interface.
  •  
silars

Messages: 429
Karma: 59
Send a private message to this user
Are they static or dynamically assigned? This will determine how you may need to engage the DNS process.

You should still be able to do this by assigning the NAT function to "Use specific IP address".
  •  
Jeff Wadlow (Kerio)

Messages: 193
Karma: 6
Send a private message to this user
In the Destination field, instead of using 'Firewall', use the "host" option and type the public IP address. Then create a second rule for the second public IP.

For example, my Internet network card has these two public IP addresses: 12.13.14.15 and 12.13.14.16

I could create these two Traffic Rules:

Rule #1
Source: Internet interface
Destination: host: 12.13.14.15
Service: HTTP
Action: Allow
Translation: Destination NAT: 10.11.12.13

Rule #2
Source: Internet interface
Destination: host: 12.13.14.16
Service: HTTP
Action: Allow
Translation: Destination NAT: 10.11.12.26
  •  
no_name

Messages: 51
Karma: 1
Send a private message to this user
to Silars,
I use static IP public, both of them.

to Jeff,
do I need to create new rule for each IP public?
I created only one, so far is no problem, but don't know if there will fault.

please advice. thanks.
  •  
Jeff Wadlow (Kerio)

Messages: 193
Karma: 6
Send a private message to this user
It really does depends upon the situation.

If you want both web servers (for example) to be accessible then you do need to create two rules. But only if the web server are on separate servers behind Kerio Control.

If you had five web sites on one server then just one Traffic Rule would be enough.

If you had five web sites on five servers behind Kerio Control then you would need five Traffic Rules. You may need to have five Public IP addresses in that situation if all five web sites use port 80. You might need only one public IP if the web sites all use different port numbers.

But you would still need five Traffic Rules if the web sites are running on five different servers behind Kerio Control.
Previous Topic: Extra Service
Next Topic: i have problem in users login
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Oct 23 00:45:46 CEST 2017

Total time taken to generate the page: 0.00487 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.