General discussion

  • Creator
    Topic
  • #2111554

    Accessing a server through a firewall

    Locked

    by rob hogan ·

    I have a win2k server that I need to be able to access via the internet. My problem lies in the fact that I am using a cable internet connection utilizing NATS and proxy server and I have no access to these to change any settings. I am looking for asolution that would allow me a secure connection to the files on this server. I also have a database on this server that I would like to be able to access via active server pages. The server that acts as the proxy server is at my location but is administered by the cable company. This server does however double as a web server for us. I do have ftp access to the web server but I cannot move the database because I then would have no access to it from my client computers on my intranet(dont know if this may add any options but it cant hurt to mention it). If you need any additional info please email me

All Comments

  • Author
    Replies
    • #3874939

      Accessing a server through a firewall

      by rob hogan ·

      In reply to Accessing a server through a firewall

      One last thing, if you have an solution that is rather extensive please be specific on the steps involved (you can email me specifics if you would prefer)
      Thanks

    • #3888030

      Accessing a server through a firewall

      by interdivide ·

      In reply to Accessing a server through a firewall

      You say you need access to the FILES on the SERVER via the INTERNET. You need a seperate IP address for this approach, but you probably have at least one more you can squeeze out of your current block. Install a telnet server on the machine you wish to access; several are available for download, take your pick based on price, features, # users allowed, footprint, complexity, etc. If you are willing to fork out the coin, you can buy telnet server apps that are idiot proof and install themselves. Then install a telnet client on the remote machine(s), TeraTermPro is free and probably adequate for your needs. That will give you access to the files just like you were at the local terminal. You can also use the browser on the remote machineas a telnet client. Get savy on the telnet IP addressing scheme, takes a couple hours on the net to learn what you need to get the server up, and you will be good to go. Now, of course, you informed the cable ISP of your new telnet server, since ifyou have heavy traffic coming in, they will discover it pronto. If its just you coming into the server then… They don’t dig it, especially if they don’t get their monthly cut, but you can look your contract over and see if telnet server is addressed. The best way is to approach them with your problem and work out a solution with them, unless they don’t want to play and then you done put yourself under the light. If you know someone else with service from the same cable company, have them run the trial baloon up for you. i know some cable providers are not cooperative about telnet servers. However some don’t specifically prohibit them in the contract. Its too handy though: a telnet server on your home machine and its as good as it gets, from anywhere with a decent net connection.

      Security is as good or poor as you make it. rotate the IP address, and use protected access levels.

    • #3887984

      Accessing a server through a firewall

      by Anonymous ·

      In reply to Accessing a server through a firewall

      -Get yourself a public IP address
      -VPN to the server (setup VPN on the w2k server and your client)

    • #3829578

      Accessing a server through a firewall

      by worf ·

      In reply to Accessing a server through a firewall

      Rob,

      Unfortunatley for you, even with the Telnet application described, you will still need either access to you firewall or to have the cable companies technicians access it for you. You see, in order to make an inbound connection through a NAT firewall, of any kind, you will need a static NAT translation of an external, registered IP address to an internal Private one. And that is assuming you have the right type of firewall. You never mentioned what Firewall product you have, but if it isstrictly PAT based, like older versions of MS Proxy Server, you will not be able to do a static inbound NAT translation. PAT appends a port address to the same IP address for all clients. This works outbound, but not inbound. And the fact that you say the Porxy doubles as a web server leads me to believe that it is a PAT based product. What you need is a registered IP address not in use, that can be staticlly NAT’ed to your internal machines private IP address. There is no way around this fact. The NAT could be done on a router, if you have one on your external network. At that point, assuming your cable company allows GRE on the wire, then you can set up PPTP, a free VPN server on NT 4.0 and access your internal network, or do the telnetidea mentioned above.

    • #3854033

      Accessing a server through a firewall

      by rob hogan ·

      In reply to Accessing a server through a firewall

      Some additional information. After speaking with the cable ISP they have an option where they will open ports in order for me to connect to my intranet via the internet. What would be my best option to allow remote administration and access to my intranet database?? I thought maybe the VPN service built into Win2k but I am not real savy in this are and want some skilled advice regarding this issure. I have only a month to pull this off so I need either some well guided instructions or a relatively simple solution. If someone can help me to puzzle this out somewhat quickly I will throw some extra points their way.

    • #3854031

      Accessing a server through a firewall

      by rob hogan ·

      In reply to Accessing a server through a firewall

      Point value changed by question poster.

    • #3854019

      Accessing a server through a firewall

      by rob hogan ·

      In reply to Accessing a server through a firewall

      One more technical tidbit…..the statement about my proxy doubling as a webserver is actually incorrect. It doesnt act as a webserver…I was fed a little misinformation there. Sorry. To add on to my earlier comment, I apparently have the option toopen most any ports I need for my connection—both tcp, udp, icmp, pptp and can specify what port number as well along with the internal IP. Am I going to be best off using win2k’s pptp service??

    • #3804662

      Accessing a server through a firewall

      by estebandelatorre ·

      In reply to Accessing a server through a firewall

      I strongly recommends you to get a valid IP public address.
      Set up a VPN using W2k with two lan cards, one for the public ip address (internet) and the other for the private ip address (your lan, clients that access the database)
      Using a VPN you will obtain the most secure connection between your remote clients, as well as a good shield against hacker attacks.
      On the other hand, the second nic card will allows you to access this server from the lan side, and of course in you need, browse theinternet by installing a proxy server (or better the new isa server.)

      good luck!

    • #3725427

      Accessing a server through a firewall

      by christotg ·

      In reply to Accessing a server through a firewall

      This may not be a valid solution for you – but try getting rid of the proxy server. Set up NAT with a small hardware firewall (Sonicwall, Netscreen, etc) or a computer based product like Win2k RRAS, freesco, or linuxrouter.

      If it is something youwant to do, but you can’t get authorisation for it, try this: Ensure you have a minor project that an executive wants, but make it fail or delay it due to the cable company controlling the proxy.

    • #3724931

      Accessing a server through a firewall

      by rob hogan ·

      In reply to Accessing a server through a firewall

      This question was auto closed due to inactivity

Viewing 9 reply threads