Solved

Port Forwarding

Posted on 2011-02-22
6
419 Views
Last Modified: 2012-05-11
We had to move our webserver, and were temporary forced to go from 10 static IP addresses to 2. It was suggested that we try to get some of our sites back up by utilizing port forwarding. My question is what ports are generally good for customizing and would port forwarding also work for FTP sites.
0
Comment
Question by:jej07
6 Comments
 
LVL 33

Accepted Solution

by:
paulmacd earned 250 total points
ID: 34952044
You can reassign any ports you like, as long as you don't have services on the back end that need those ports.  In other words, it would be ill-advised to assign port 21 to a web site if you need to use it for an FTP site.  Typical alternate HTTP ports are 8040, 8080, 8081, but you can make up your own.

Yes, you can port forward FTP sites as well.
0
 
LVL 20

Expert Comment

by:woolnoir
ID: 34952045
Going from 10 static addresses to 2 will be tricky by only using port forwarding, in general you can say forward port 80 (from ip 1) to port 80 on a internal web server and port 80 (of ip2) to another internal web server and then say use other external ports for other services.

The only issues with using other ports is that you will end up with externalip_1:81 -> something else internally and that kinda defeats the purpose.

FTP can be problematic because of the data and control ports it uses.. can you provide more information about what you need to get working and i can be more specific.
0
 
LVL 9

Assisted Solution

by:jerrypd
jerrypd earned 250 total points
ID: 34952051
port forwarding works for virtually anything.
A webserver can host multiple sites using "host Headers" - all sites have same IP address and the web server figures out which site based on the address being requested. In this manner, one IP address handles multiple physical domains...
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 1

Author Comment

by:jej07
ID: 34952287
I have prioritized and came up with 13 sites that I'm going to try to squeeze into those 2 IP addresses. This is hopefully just a temporary solution as I should have all 10 IP addresses back in a couple of weeks. My thought is I can have our name server assign the 2 new IP address to the 13 sites, using a port range of 4040-4053. Then create a firewall rule for those port numbers that points to the appropriate IP address on the webserver. The goal being to not change the ip and host header info on the webserver.
0
 
LVL 9

Expert Comment

by:jerrypd
ID: 34952894
i *guess* you could do that, but honestly, changing the host headers is a no-brainer...
0
 
LVL 1

Author Closing Comment

by:jej07
ID: 34953805
We're going to use both port forwarding and utilize host headers. Thank you for your help!
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now