This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

External Ip on internal server

First we have a Software Appliance running the latest version

1. Is it possible to use one of our external IP's on a internal server.
(No nat) also can we block specific traffic to that server?
2. Can we monitor the bandwidth used to that server
3. can we limit the link speed for that server

If anyone could help that would be great

This thread was automatically locked due to age.

Parents

0 BarryG over 11 years ago

Hi,

1.
a. The best way to do that is to move your IP block to a DMZ, and ask your ISP to give you a 'transfer network' (a /29 /30 will work) and for them to route all your traffic to your block via the firewall's external IP on the transfer network.

b. Alternatively, Proxy ARP is another possibility for avoiding DNAT, but I've never used it.

Either way, traffic can be filtered by source and/or dest IP, and/or service ports.

2. yes; the reporting system can do this, as can the live traffic monitor, as well as iftop on the console

3. the QOS system can be used to limit speeds by IP and/or service

Barry
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BarryG over 11 years ago

Hi,

1.
a. The best way to do that is to move your IP block to a DMZ, and ask your ISP to give you a 'transfer network' (a /29 /30 will work) and for them to route all your traffic to your block via the firewall's external IP on the transfer network.

b. Alternatively, Proxy ARP is another possibility for avoiding DNAT, but I've never used it.

Either way, traffic can be filtered by source and/or dest IP, and/or service ports.

2. yes; the reporting system can do this, as can the live traffic monitor, as well as iftop on the console

3. the QOS system can be used to limit speeds by IP and/or service

Barry
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data