[jadmin] Jabber via a DMZ proxy - SOLVED
KWermann at misti.com
KWermann at misti.com
Wed Oct 19 09:51:52 CDT 2005
Hi Jeff,
I am curious why you used the proxy instead of just setting up firewall
rules to allow redirection of traffic over port 5223/SSL or 5222/Unsecure
to the Jabber server within the DMZ? You then have the FQDN registered on
both internal DNS and External DNS servers. You would then configure
routing and firewall rules from your LAN and the Internet to the DMZ.
It seems that adding the proxy server would require extra steps. Is this
just so you are not showing port 5223 available on the net through the
firewall? Are you having internal users access the server via 5223/5222
without the proxy server?
Now, everything I said may not be applicable if you are doing this because
you do not have a DMZ or Firewall to begin with. If that is the case just
let me know.
I only write this because I find firewall/DMZ/proxy items very
interesting.
Instead of building a Linux firewall, does anyone know if SmoothWall's
default install can do this easier?
Best Regards,
Ken Wermann
jadmin-bounces at jabber.org wrote on 10/18/2005 05:32:18 PM:
> For anyone interested in setting up a DMZ-based proxy server to
> enable Jabber usage, I've posted instructions in my blog, located here:
> http://openrent.blogspot.com/
>
> In a nutshell, you build an Apache forward proxy that enables Jabber
> over HTTP. The benefit is the ability to securely use an internal
> Jabber server from anywhere in the world (assuming your Jabber
> client supports HTTP proxy, like Gaim does).
>
> Jeff
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/jadmin/attachments/20051019/538f5ce6/attachment-0005.htm>
More information about the JAdmin
mailing list