Solved

Port forwarding and reverse proxy, somewhat different question

Posted on 2014-03-27
2
1,213 Views
Last Modified: 2014-03-27
Are port forwarding mostly performed by routers and switches with router capability ?

Or are there other products that would perform this within the context of a firewall and DMZ based system

Thanks
0
Comment
Question by:Anthony Lucia
2 Comments
 
LVL 9

Accepted Solution

by:
rfportilla earned 250 total points
ID: 39959144
Without a specific example, I'm not sure what you are looking for.  

Port forwarding would typically be a NAT function or firewall function.  The purpose is to allow certain traffic through.  Many routers have NAT and Firewall capabilities, but the primary purpose of a router is to send traffic accross different IP subnets regardless of port number.

In the case of a firewall, Port forwarding is primarily for security.  This can be direct translation from port number to port number.  (a request on port 80 on the firewall translates to port 80 on a server.  

In the case of NAT, which is very common, it is used to counter the IP range compression.  In other words, NAT takes all IP requests from the internal network and sends them out to the public network as being from 1 IP address, typically.  Therefore, all hosts from the outside see only 1 IP address.  If you have multiple computers on the inside network that host the same service on the same port, a direct translation scheme won't work.  For instance, if you have 3 computers on your network that require remote access via port 3389 and the NAT only has one public IP address, the public port 3389 can only map to one computer.   There for you can do what is called PAT (Port Address Translation) to forward one port to another, such as port 3390 on the NAT to port 3389 of a specific computer in the protected network.

This concept is independent of private network and DMZ, although typically, in a secure network, you should provide public services from a DMZ.  

I don't know if this answers your question.  Please provide feedback.  Thanks.
0
 
LVL 10

Assisted Solution

by:0xSaPx0
0xSaPx0 earned 250 total points
ID: 39959152
Port forwarding is usually performed by a firewall or a router. Basically whatever filtering device is being used to filter network traffic.

If you have an internal service on an internal address and you need external clients to access it you can use port forwarding to allow the traffic to pass to the internal network.

Switches generally are not used for port forwarding unless there are VLANs implemented that require that functionality. However since switches are not as efficient as firewalls or routers for this purpose it is generally not recommended to do so.
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
What is the best password manager? 12 148
MS hosted exhange security 2 36
PCI compliance 16 33
exchange, activesync 2 10
Enterprise Password Manager Suites as well as Local Password managers are covered in this article.
Data breaches are on the rise, and companies are preparing by boosting their cybersecurity budgets. According to the Cybersecurity Market Report (http://www.cybersecurityventures.com/cybersecurity-market-report), worldwide spending on cybersecurity …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question