Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Natting

Posted on 2015-01-29
2
Medium Priority
?
148 Views
Last Modified: 2015-02-01
I have only 1 public ip, although I have 2 applications on port 443 that need to be usable externally.  Is there something else I can do to get them both natted to the outside?
0
Comment
Question by:Jack_son_
2 Comments
 
LVL 31

Assisted Solution

by:Rich Weissler
Rich Weissler earned 1000 total points
ID: 40578819
A reverse proxy comes to mind.
0
 
LVL 3

Accepted Solution

by:
Stephen Berk earned 1000 total points
ID: 40578943
NAT is happening at the IP and TCP layers, so you either need another IP address or you need to move one of your TCP/443 apps to a different port. It probably isn't feasible to move the app to a different port (assuming its public facing), so a 2nd IP address is probably your easiest and/or cheapest option.

That said, Rich is right on with his suggestion of a reverse proxy. I use F5 Big-IP's in this setup and let the URI's of the various web apps dictate how I will forward traffic to the servers being proxied. Here's a doc from F5 that gives an intro to URI translation (http://goo.gl/zyWGWN) and how the Big-IP proxies traffic. Don't get lost in the details, it's really just to show you what conceptually what's happening. And don't think you need an F5 solution to get a reverse proxy for web traffic. The Big-IP is an enterprise solution that handles much more than reverse proxying. Apache, Nginx, and Squid are all software proxies you can load onto a Linux server.

The Q&D: 443 traffic comes in from the Internet, the firewall NAT's to an address on the reverse proxy, the reverse proxy examines the URI and forwards to some web server.
0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question