?
Solved

Port forwarding and reverse proxy, somewhat different question

Posted on 2014-03-27
2
Medium Priority
?
1,432 Views
Last Modified: 2014-03-27
Are port forwarding mostly performed by routers and switches with router capability ?

Or are there other products that would perform this within the context of a firewall and DMZ based system

Thanks
0
Comment
Question by:Anthony Lucia
2 Comments
 
LVL 9

Accepted Solution

by:
rfportilla earned 1000 total points
ID: 39959144
Without a specific example, I'm not sure what you are looking for.  

Port forwarding would typically be a NAT function or firewall function.  The purpose is to allow certain traffic through.  Many routers have NAT and Firewall capabilities, but the primary purpose of a router is to send traffic accross different IP subnets regardless of port number.

In the case of a firewall, Port forwarding is primarily for security.  This can be direct translation from port number to port number.  (a request on port 80 on the firewall translates to port 80 on a server.  

In the case of NAT, which is very common, it is used to counter the IP range compression.  In other words, NAT takes all IP requests from the internal network and sends them out to the public network as being from 1 IP address, typically.  Therefore, all hosts from the outside see only 1 IP address.  If you have multiple computers on the inside network that host the same service on the same port, a direct translation scheme won't work.  For instance, if you have 3 computers on your network that require remote access via port 3389 and the NAT only has one public IP address, the public port 3389 can only map to one computer.   There for you can do what is called PAT (Port Address Translation) to forward one port to another, such as port 3390 on the NAT to port 3389 of a specific computer in the protected network.

This concept is independent of private network and DMZ, although typically, in a secure network, you should provide public services from a DMZ.  

I don't know if this answers your question.  Please provide feedback.  Thanks.
0
 
LVL 10

Assisted Solution

by:0xSaPx0
0xSaPx0 earned 1000 total points
ID: 39959152
Port forwarding is usually performed by a firewall or a router. Basically whatever filtering device is being used to filter network traffic.

If you have an internal service on an internal address and you need external clients to access it you can use port forwarding to allow the traffic to pass to the internal network.

Switches generally are not used for port forwarding unless there are VLANs implemented that require that functionality. However since switches are not as efficient as firewalls or routers for this purpose it is generally not recommended to do so.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Each password manager has its own problems in dealing with certain websites and their login methods. In Part 1, I review the Top 5 Password Managers that I've found to be the best. In Part 2 we'll look at which ones co-exist together and why it'…
You do not need to be a security expert to make the RIGHT security. You just need some 3D guidance, to help lay out an action plan to secure your business operations. It does not happen overnight. You just need to start now and do the first thin…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

588 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question