Panther 10.3 business setup problems

  • #357562
    drgball
    Participant

    We have been using a mix of Linux and OpenBSD machines in our business.
    The BSD machine serves as the firewall and when it was set up, we had to put a Linksys router in between the cable modem and the firewall to do NAT. The problem is that this arrangement does not allow for convenient management and control. We use Macs for all of our development and the Linux machines to test the products before delivery. I would like to migrate to OS X server to make life a little easier. Unfortunately, there seem to be some issues that I can’t resolve (neither can DNS).

    The scenario is as follows:
    3 fixed IP addresses from the ISP via cable modem

    DNS supplied by the ISP (preferable since we don’t have a requirement for internal DNS)

    switch between the cable modem and the machines

    Airport for wireless connections to internal machines

    G4 machine with dual NIC running the OS X server (10.3).

    I have followed the example in the Apple documents on small business setup (DHCP, DNS, Firewall, NAT), but that only works up to a point. On my laptop, if I do a dig for an address lookup from the command line, I get a response. If I try to use the web browser from my laptop, I get no server found.

    What I would really like to accomplish is to set up the server so that it handles the NAT, runs the firewall, and DNS is obtained from the ISP. DHCP can be handled by the Airport base station.

    Considering the power of OS X and the admin tools, I think that this should be a fairly straightforward setup. I do wonder why Apple is using the older IPFW instead of iptables, but that’s for another discussion.

    I have tried several examples of setting up this system from stuff I’ve found on the web, including a couple of articles from this BB.

    Any suggestions as to how to make this work would be greatly appreciated.

    Thanks

    #357567
    Anonymous
    Participant

    After much thinking and experimenting, the problem, as I had figured, was in the firewall. The fix, in my case, was to add a rule of the type:

    allow 192.168.0.0/16 to any in

    Without this rule, the firewall blocked the NAT’d IP addresses even though the traffic originated on the inside of the firewall.

    I also set up an A record in DNS to go from my internal port to my ISP DNS server.

    Hope this helps someone else with their server.
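
An added example, not part of either post: a small audit for ipfw rule listings that flags allow rules of the kind quoted above when they accept a private source range inbound without being tied to the inside interface, since such a rule also matches packets arriving on the outside NIC with a spoofed 192.168.x.x source. It assumes the full rule form `add <number> allow <proto> from <src> to <dst> [in] [via|recv <if>]`; the interface names `en0` (outside) and `en1` (inside) and the sample rules are constructed for illustration.

```python
import ipaddress

# RFC 1918 private ranges; a packet claiming one of these as its source
# should only ever arrive on the inside interface of a NAT gateway.
PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
ALLOW = {"allow", "accept", "pass", "permit"}
IFACE_OPTS = {"via", "recv"}  # ipfw options that bind an inbound match to a NIC

# Constructed sample ruleset (not taken from the thread).
SAMPLE_RULES = [
    "add 1000 allow ip from 192.168.0.0/16 to any in",
    "add 1010 allow ip from 192.168.0.0/16 to any in via en1",
    "add 1020 allow tcp from any to any 80 in via en0",
    "add 1030 allow ip from 10.0.0.0/8 to any in recv en0",
    "add 65534 deny ip from any to any",
]


def audit(rules, inside_if):
    """Return [(rule_number, reason)] for numbered allow rules that accept
    private-source traffic inbound without being tied to inside_if."""
    findings = []
    for line in rules:
        tok = line.split()
        if tok and tok[0] == "add":
            tok = tok[1:]
        if len(tok) < 2 or not tok[0].isdigit() or "from" not in tok or "to" not in tok:
            continue  # comments, blank lines and unnumbered rules are skipped
        number, action = int(tok[0]), tok[1]
        src = tok[tok.index("from") + 1]
        opts = tok[tok.index("to") + 1:]  # destination plus trailing options
        if action not in ALLOW or "out" in opts:
            continue
        try:
            net = ipaddress.ip_network(src, strict=False)
        except ValueError:
            continue  # "any", "me" and similar keywords are not literal networks
        if net.version != 4 or not any(net.subnet_of(p) for p in PRIVATE):
            continue
        iface = next((opts[i + 1] for i, t in enumerate(opts[:-1])
                      if t in IFACE_OPTS), None)
        if iface is None:
            findings.append((number, "matches on every interface"))
        elif iface != inside_if:
            findings.append((number, f"bound to {iface}, not {inside_if}"))
    return findings


if __name__ == "__main__":
    for number, reason in audit(SAMPLE_RULES, "en1"):
        print(f"rule {number}: {reason}")
```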
