Home › Forums › Older Versions of Mac OS X and iOS › Mac OS X Server 10.3 › General Discussion › Panther 10.3 business setup problems
- This topic has 1 reply, 2 voices, and was last updated 21 years, 1 month ago by
Anonymous.
-
AuthorPosts
-
March 5, 2004 at 4:19 pm #357562
drgball
ParticipantWe have been using a mix of Linux and OpenBSD machines in our business.
The BSD machine serves as the firewall and when it was set up, we had to put a Linksys router in between the cable modem and the firewall to do NAT. The problem is that this arrangement does not allow for convenient management
and control. We use Macs for all of our development and the Linux machines to test the products before delivery. I would like to migrate to OS X server to make life a little easier. Unfortunately, there seems to be some issues that I can’t resolve (neither can DNS).The scenario is as follows:
3 fixed IP addresses from the ISP via cable modemDNS supplied by the ISP (preferable since we don’t have a requirement for internal DNS)
switch between the cable modem and the machines
Airport for wireless connections to internal machines
G4 machine with dual NIC running the OS X server (10.3).
I have followed the example in the Apple documents on small business set up (DHCP, DNS, Firewall, NAT), but that only works up to a point. On my laptop,iIf I do a dig for an address look up from the command line, I get a response. If I try to use the web browser from my laptop I get no sever found.
What I would really like to accomplish is to set up the server so that it handles the NAT, runs the firewall, and DNS is obtained from the ISP. DHCP can be handled by the Airport base station.
Considering the power of OS X and the admin tools, I think that this should be a fairly straight forward set up. I do wonder why Apple is using the older IPFW instead of iptables, but that’s for another discussion.
I have tried several examples of setting up this system from stuff I’ve found on the web, including a couple of articles from this BB.
Any suggestions as to how to make this work would be greatly appreciated.
Thanks
March 6, 2004 at 12:09 am #357567Anonymous
ParticipantAfter much thinking and experimenting, the problem as I had figured was in
the firewall. The fix in my case, was to add a rule of the type:allow 192.168.0.0/16 to any in
Without this rule, the firewall blocked the nat’d ip addresses even though the
traffic originated on the inside of the firewall.I also set up an A record in DNS to go from my internal port to my ISP dns server.
Hope this helps someone else with their server.
-
AuthorPosts
- You must be logged in to reply to this topic.
Comments are closed