Hosting Provided By

Re: Company Firewall's IP Address

From: Bill Hamel <billh(at)bugs.hamel.net>
Date: Tue Nov 19 2002 - 09:46:23 EST

Ya know, if I didn't know any better I would think this thread is going in the direction of confusing the 'basic-security' reader.

At the routing level packets will ALWAYS go to the next-hop which may not be the final source or destination, so the first part of your statement makes some sense.
The second part does not make sense. What does "Extrapolate proxies" have to do with how something is going to route on the net ? Since this is a Basic-Security forum, please enlighten me. I am always willing to learn something new.

The original user had a window pop up in a browser that showed him the IP address of the external interface of the firewall.

This is absolutely normal if you "Extrapolate" what is going on.

The user opens up his/her browser on their desk top. Their desktop has an internal IP address. The firewall translates this into and Externally routable IP address which lives on the external interface of the firewall.

Once that packet is fired off to it's destination it typically goes through multiple hops (see "Traceroute") to get there. It needs a return path back to the external interface of the firewall hence the IP address MUST be available to the destination.

IMHO a "Proxy" has nothing to do with this see "Basic Routing Principals" ;)

-bh

Do you need help?

On Mon, 18 Nov 2002, Meritt James wrote:

> The packets do not have to go directly to the source IP. They have to
Received on Fri Nov 22 19:40:13 2002

This message: [ Message body ]
Next message: Quentin Hartman: "Domain login through a NAT / FW?"
Previous message: Benjamin Meade: "FW: Kerio Personal Firewall"
In reply to Meritt James: "Re: Company Firewall's IP Address"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:03:23 EDT