[GTALUG] Routing and/or Proxying

[William Park]

If it's more port forwarding you want, then "ssh -D".  Not sure about
routing, though vpn is the first thing that comes mind.
-- 
William


On Sat, Sep 03, 2016 at 11:05:40AM -0400, Giles Orr via talk wrote:
> I think I'm having trouble finding an answer to my questions largely
> because I don't fully know how to express them, so I'm going to try to
> do so here and see if another member of this list can take my English
> language fuzzy logic and turn it into question(s) that can more easily
> be answered ...
> 
> I'm running application servers that have to make queries to servers
> behind a firewall.  The firewall (not in my control) has to be
> configured to admit IP addresses.  Getting addresses added to the
> firewall can be slow.  So it seems to me the best way to do this would
> be to set up a couple of proxy servers with fixed/known IPs so that
> the application servers (fluctuating headcount and IPs) could make
> their requests through the proxy servers - which are known to the
> firewall.
> 
> This makes sense in my head so far.  But here's the problem: I'd like
> to send all network traffic from the application servers through the
> proxy servers, regardless of content, port, destination, anything.
> But in saying that, it begins to sound more like "routing" than
> "proxying", and enforcing this seems like it might be tricky on the
> open internet.  And authentication of some sort would seem to be
> needed to prevent bad actors using the proxy to access stuff behind
> the firewall.
> 
> A VPN is a possibility, but not one I'm enthusiastic about: I tackled
> OpenVPN a few months back, and after a day and a half and very little
> progress my brains started to slide out my ears.  But if that's what I
> need to do, I'll get back on it.
> 
> Thanks!
> 
> -- 
> Giles
> http://www.gilesorr.com/
> gilesorr at gmail.com
> ---
> Talk Mailing List
> talk at gtalug.org
> https://gtalug.org/mailman/listinfo/talk