Internal Server – Firewall workaround needed

February 3rd, 2009 by Richy B.

At work, we’re developing something on an internal server which is behind several firewalls and routers, but we need to allow a third-party website (PayPal, to be exact) to be able to connect to the web server.

It is nearly impossible for me to put this machine either on the public internet or make a hole in the firewall tables (basically, it’s behind our internal NAT-providing router, which is then on a NATted firewalled building router, which is then on another NATted firewalled building provider’s router/VPN – and then the ISP’s NATted firewalled router). As you can imagine, being behind 4 routers each with their own firewall configuration and us being unable to get the rules changed makes this a bit difficult.

However, along with the Linux-based web server within our LAN, I do also have a remote Linux server with spare IPs. But how can I set up a connection so that the 3rd party can go to which then connects to my remote Linux server which then, somehow, connects to the LANed server?

We can make as many outbound connections on whichever ports we like from our LAN (so I can connect the LAN server to the remote server), but then how do I do the connection and how do I then forward the requests inbound?

Any ideas?
