zoheb Posted October 19, 2016 Share Posted October 19, 2016 My VM has 5 private IP addresses: 10.20.57.11 - 15 I have to map different outbound WAN IP for each of the above IP. 10.20.57.11 -- mapped to 20.20.20.20 10.20.57.12 -- mapped to 20.20.20.21 and so on.. I can get it done through the firewall. Now what I want is to setup a forward proxy on port 9090 for all private IPs such that --- when 10.20.57.11:9090 is used in browser settings, the user will get WAN IP 20.20.20.20 --- when 10.20.57.12:9090 is used in browser settings, the user will get WAN IP 20.20.20.21 and so on Can this be achieved through single instance of tinyproxy? Or we have to setup multiple instances of tinyproxy with different IPs? Any other better approach would also do... thanks in advance. Link to comment Share on other sites More sharing options...
Mindovermaster Moderator Posted October 19, 2016 Moderator Share Posted October 19, 2016 @BudMan Link to comment Share on other sites More sharing options...
+BudMan MVC Posted October 19, 2016 MVC Share Posted October 19, 2016 why do you need/want a proxy? Looks like you already mapped your outbound traffic? What firewall are you doing this in? Link to comment Share on other sites More sharing options...
zoheb Posted October 19, 2016 Author Share Posted October 19, 2016 What firewall are you doing this in? --> Its Cisco FIrepower 4120 you already mapped your outbound traffic? --> Even though outbound traffic is mapped in fw, do we not need any service on some port for users to use? --> users will not have access to the server but can only use the service through their browsers. Link to comment Share on other sites More sharing options...
+BudMan MVC Posted October 21, 2016 MVC Share Posted October 21, 2016 huh?? Users where outside or inside? Link to comment Share on other sites More sharing options...
zoheb Posted October 22, 2016 Author Share Posted October 22, 2016 On 10/21/2016 at 6:22 PM, BudMan said: huh?? Users where outside or inside? Users are from outside over the WAN. Link to comment Share on other sites More sharing options...
+BudMan MVC Posted October 23, 2016 MVC Share Posted October 23, 2016 so you want a reverse proxy? Running inside your firewall? And you want it listening on 9090?? Sorry dude but at a complete loss to what your trying to accomplish here. If you have some services behind a firewall, and you own multiple public IPs. And you have configured your services to use different public IPs? Why do you not just do a simple port forward on the normal ports? if you want an added security of a reverse proxy or the ability to get to multiple private IPs via the name in the uri .. like http://www.domaina.com vs http://www.domainb.com ok then. But as of your current posts I just do not get what your wanting to do?? Link to comment Share on other sites More sharing options...
zoheb Posted November 5, 2016 Author Share Posted November 5, 2016 On 10/23/2016 at 7:31 PM, BudMan said: so you want a reverse proxy? Running inside your firewall? And you want it listening on 9090?? Sorry dude but at a complete loss to what your trying to accomplish here. If you have some services behind a firewall, and you own multiple public IPs. And you have configured your services to use different public IPs? Why do you not just do a simple port forward on the normal ports? if you want an added security of a reverse proxy or the ability to get to multiple private IPs via the name in the uri .. like http://www.domaina.com vs http://www.domainb.com ok then. But as of your current posts I just do not get what your wanting to do?? Simple port forward is what we used to do till now. Only IT personnel have access on these servers (that other team members will not have access to these) and IT use to port forward to mentioned servers and then other team in the office use to access it locally. But we have to remove dependency of IT on productivity of other team. Sometimes IT are busy with other tasks to work on their requests efficiently. For this reason we have to deploy a mechanism for other team members to use specific IP (different private nw) and port to have outbound requests going through specific WAN IP. so you want a reverse proxy? ---- > No, I want a forward proxy running inside the firewall listening on port 9090 so that other team members can access the service. Sorry if I am not able to explain it properly Link to comment Share on other sites More sharing options...
+BudMan MVC Posted November 5, 2016 MVC Share Posted November 5, 2016 "For this reason we have to deploy a mechanism for other team members to use specific IP (different private nw) and port to have outbound requests going through specific WAN IP." What??? So these servers are open to the public?? I am at a complete and utter loss to what your wanting to do?? If you have servers on your network that you do not want users to access locally. But they are available to the public?? That makes ZERO freaking sense. If you have local webserver, what could they be doing that you don't want your company users to access? They sure would not have access to admin the servers, etc. Sure if you want to put a proxy local to access something local, and then create a firewall rule to only allow that proxy to access that something. You sure and the hell do not need multiple proxies running to do that.. Mindovermaster 1 Share Link to comment Share on other sites More sharing options...
Recommended Posts