[GTALUG] Routing and/or Proxying
William Park
opengeometry at yahoo.ca
Sat Sep 3 20:53:52 EDT 2016
If it's more port forwarding you want, then "ssh -D". Not sure about
routing, though vpn is the first thing that comes mind.
--
William
On Sat, Sep 03, 2016 at 11:05:40AM -0400, Giles Orr via talk wrote:
> I think I'm having trouble finding an answer to my questions largely
> because I don't fully know how to express them, so I'm going to try to
> do so here and see if another member of this list can take my English
> language fuzzy logic and turn it into question(s) that can more easily
> be answered ...
>
> I'm running application servers that have to make queries to servers
> behind a firewall. The firewall (not in my control) has to be
> configured to admit IP addresses. Getting addresses added to the
> firewall can be slow. So it seems to me the best way to do this would
> be to set up a couple of proxy servers with fixed/known IPs so that
> the application servers (fluctuating headcount and IPs) could make
> their requests through the proxy servers - which are known to the
> firewall.
>
> This makes sense in my head so far. But here's the problem: I'd like
> to send all network traffic from the application servers through the
> proxy servers, regardless of content, port, destination, anything.
> But in saying that, it begins to sound more like "routing" than
> "proxying", and enforcing this seems like it might be tricky on the
> open internet. And authentication of some sort would seem to be
> needed to prevent bad actors using the proxy to access stuff behind
> the firewall.
>
> A VPN is a possibility, but not one I'm enthusiastic about: I tackled
> OpenVPN a few months back, and after a day and a half and very little
> progress my brains started to slide out my ears. But if that's what I
> need to do, I'll get back on it.
>
> Thanks!
>
> --
> Giles
> http://www.gilesorr.com/
> gilesorr at gmail.com
> ---
> Talk Mailing List
> talk at gtalug.org
> https://gtalug.org/mailman/listinfo/talk
More information about the talk
mailing list