[JDEV] firewall config for ssl

Bruce Duncan brucedduncan at yahoo.com
Fri Oct 12 13:08:23 CDT 2001 

yup..that was the issue....i did a cname
in my external dns that made the firewall
machine look ilke the same name as used internally..
worked right away with only the ssl port open.

thanks..

bruce
--- John Draughn <jdraughn at kiorisoft.com> wrote:
> Do you have the <name/> field in the jabber.xml
> (jabberd config file) to
> the name of the nat box?  If I remember correctly,
> server will reject
> logon attempts due to "invalid server specified" or
> similar if the name
> isn't listed.
> 
> Might want to check up on that.
> 
> -John 'zariok' Draughn
> 
> On Fri, 2001-10-12 at 00:33, Bruce Duncan wrote:
> > here's part of my iptables script.  i can telnet
> to
> > the firewall machine from outside on port 5223 and
> get
> > connected.  This looks just like the bits i have
> for 
> > forwarding sendmail and pop3 requests in thru the
> > firewall to an internal machine...don't know why
> this
> > doesn't seem to work right.
> > 
> > 
> > 
> > #
> > #   IM forwarding
> > #
> > #
> > iptables -t nat -A PREROUTING -i
> $EXTERNAL_INTERFACE
> > -j DNAT -p tcp -d $FIREWALL
> > _MACHINE --dport 5223 --to $IM_MACHINE:5223
> > #
> > #    IM allowances
> > #
> > # Allow SSL'd IM traffic to come in throught the
> > external interface and get
> > # forwarded to the internal interface if its bound
> for
> > the im machine
> > #
> > iptables -N IM
> > iptables -A IM -j ACCEPT
> > 
> > iptables -A FORWARD -p tcp  -m state --state NEW 
> -s  
> > 0/0  -d   $IM_MACHINE --d
> > estination-port 5223  -j IM
> > 
> > 
> > 
> > 
> > __________________________________________________
> > Do You Yahoo!?
> > Make a great connection at Yahoo! Personals.
> > http://personals.yahoo.com
> > _______________________________________________
> > jdev mailing list
> > jdev at jabber.org
> > http://mailman.jabber.org/listinfo/jdev
> 
> 
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> http://mailman.jabber.org/listinfo/jdev


__________________________________________________
Do You Yahoo!?
Make a great connection at Yahoo! Personals.
http://personals.yahoo.com

More information about the JDev mailing list