Solved

Port forwarding and reverse proxy, somewhat different question

Posted on 2014-03-27
2
1,243 Views
Last Modified: 2014-03-27
Are port forwarding mostly performed by routers and switches with router capability ?

Or are there other products that would perform this within the context of a firewall and DMZ based system

Thanks
0
Comment
Question by:Anthony Lucia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 9

Accepted Solution

by:
rfportilla earned 250 total points
ID: 39959144
Without a specific example, I'm not sure what you are looking for.  

Port forwarding would typically be a NAT function or firewall function.  The purpose is to allow certain traffic through.  Many routers have NAT and Firewall capabilities, but the primary purpose of a router is to send traffic accross different IP subnets regardless of port number.

In the case of a firewall, Port forwarding is primarily for security.  This can be direct translation from port number to port number.  (a request on port 80 on the firewall translates to port 80 on a server.  

In the case of NAT, which is very common, it is used to counter the IP range compression.  In other words, NAT takes all IP requests from the internal network and sends them out to the public network as being from 1 IP address, typically.  Therefore, all hosts from the outside see only 1 IP address.  If you have multiple computers on the inside network that host the same service on the same port, a direct translation scheme won't work.  For instance, if you have 3 computers on your network that require remote access via port 3389 and the NAT only has one public IP address, the public port 3389 can only map to one computer.   There for you can do what is called PAT (Port Address Translation) to forward one port to another, such as port 3390 on the NAT to port 3389 of a specific computer in the protected network.

This concept is independent of private network and DMZ, although typically, in a secure network, you should provide public services from a DMZ.  

I don't know if this answers your question.  Please provide feedback.  Thanks.
0
 
LVL 10

Assisted Solution

by:0xSaPx0
0xSaPx0 earned 250 total points
ID: 39959152
Port forwarding is usually performed by a firewall or a router. Basically whatever filtering device is being used to filter network traffic.

If you have an internal service on an internal address and you need external clients to access it you can use port forwarding to allow the traffic to pass to the internal network.

Switches generally are not used for port forwarding unless there are VLANs implemented that require that functionality. However since switches are not as efficient as firewalls or routers for this purpose it is generally not recommended to do so.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
No single Antivirus application (despite claims by manufacturers) will catch or protect you from all Virus / Malware or Spyware threats. That doesn't stop you from further protecting yourself however - and this article is to show you how.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question