Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Problem with Public IPs behind a firewall (Using a subnet with public IPs for servers)
  •  
Reinaldo

Messages: 226
Karma: -8
Send a private message to this user
Hi,
Due to applications that validate IP/MAC pairs some servers MUST have public IPs in a customer's network.
We separated a subnet for this as well as a LAN port.
After trying doing several things I decided to come to this forum to ask for help/suggestions.
Maybe forum experts can tell me what to do in details in order to solve this issue.
See picture for topology.
Thanks in advance for your help.
PS.: we cannot use NAT in this case, sorry.
Regards,
Reinaldo

[Updated on: Thu, 06 November 2014 03:58]

  •  
Lucian Maly (Kerio)

Messages: 136
Karma: 8
Send a private message to this user
The picture did not make it through, but If I understand correctly it sounds like typical multi-homing scenario:
http://kb.kerio.com/1310

Kerio Technologies AU Pty Ltd.
  •  
Reinaldo

Messages: 226
Karma: -8
Send a private message to this user
Hi Lucian,
As I explained before some internal addresses are Public IPs and this is not exactly Multihoming. I thought it would be simpler if I put a picture with Public and Private IPs in it.
Notice that I included the mask in the new format x.y.z.w/M.
Any suggestion?
Thanks,
Reinaldo
  •  
Petr Dobry (Kerio)

Messages: 782
Karma: 61
Send a private message to this user
Sorry, still can't see any picture here.

If some of your servers needs to have public IP, the best solution is to put them into DMZ - http://kb.kerio.com/347. In your case with public IPs there will be only basic traffic rules to DMZ interface, not NAT or MAP.

[Updated on: Thu, 06 November 2014 15:26]


Petr Dobry
Product Development Manager | Kerio
  •  
Reinaldo

Messages: 226
Karma: -8
Send a private message to this user
Hi Petr,
May you be kind to include a provisioniing example for me?
I'm trying hard with a customer without success.
Thanks in advance.
Regards,
Reinaldo

[Updated on: Tue, 23 December 2014 03:55]

Previous Topic: Control Dynamic Block List Subscription
Next Topic: analysis users online ? !
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Thu Aug 24 12:26:35 CEST 2017

Total time taken to generate the page: 0.00432 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.