How I configure this second NIC to accept telnets from the internet?

[fonso]

This is one new explain about the las message which I have send, about the problem with the 2 NIC who don't accept incoming telnets.
....
I need to accept incoming telnets from the internet, in my SCO system.

Here, you have the map of the installation. Please, visit

http://www.ibiza-at2.com/fonso/nic2.jpg

The router 10.0.0.1 redirect all the incoming calls to the port 23 (telnet) to the 192.168.1.100 IP.

I need to conect from the remote Workstations, to the Openserver.

How I can do this ?.
The two NICs are working well with local telnets. I have configured 1 local worskstation wiht the 192.168.1.2 ip, and conected to it.

I have not do any "route" command.
I don't know anything about the routes. Sorry.

Thank you. Fonso. Spain.

 

[Wonboodoo]

Correction again. Now that I think about it that plan may not work because of the way your workstations are numbered.

 

[fonso]

Wonboodoo,
I'm very pleased for your answer.

I'm going to change the question.

Now I change one part of the installationm, and I'm searching for answers about :
Think that the SCO box has only one NIC, the 10.0.0.61 , and it is NOT connected to the ADSL router. With this configuration, the SCO box is doing services of telnet in the local lan, from the 10.0.0.xxx workstations.

The local workstation can go to the internet trougth the ftp server.

In

http://www.ibiza-at2.com/fonso/nic2.jpg,

you can see the configuration.

The ftp server is doing services of ftp, print server, and control who can go to the internet.

Now, the same question :
How I can configure, or what I need to install, to accept incoming telnets from the internet, at the SCO box, without to put the security in an awkward position ?.

I have think to install one second HUB and connect the two servers at the router adsl to share it, and install one second NIC at the SCO box, but perhaps it has any other configurations betters than this.

I need new ideas or suggestions.

Gracias y saludos. Fonso.

 

[Wonboodoo]

I assume you ADSL router is performing NAT (network address translation) and you are forwarding only incoming FTP packets (port 21) to your FTP server. If this is the case then you should be fine. The ADSL router shouldn't allow anything else in so as long as you have your ADSL router patched and your FTP server secure (latest patches and non-trivial passwords) you should be protected.

That is, your ADSL router should be acting as a firewall. It's protection is probably sufficient.

 

[fonso]

Wonboodoo ,
Yest, the router is performing NAT, and accepting only incoming packets at port 21 and 23, and forwarding it to the corresponding server.

But the question is: looking the map

http://www.ibiza-at2.com/fonso/nic2.jpg

, that is the really instalation now running, how I can configure or install in the SCO box to accept the incoming packets to port 23 (telnet)?

Now the SCO box it's NOT accepting incoming telnets from the internet, because the router is NOT shared between the two servers.

I think the first to do is connect the router directly to the SCO box, but, who I connect and configure it ?.
Install one second NIC to the SCO box, and one second hub to share the router between the ftp server and the SCO box it's the better solution ?. In this case, how I configure this second NIC ?, what IP can I configure to this second NIC ?.

We are begin to the first question another time.

Thank you and sorry, but I need to find the best solution tho this installation, and I don't know how.

Gracias. Fonso.

 

[Annihilannic]

You don't need the second NIC. Connect your ADSL router to the hub, and as long as it's redirecting the incoming conections to the correct IP address it should be fine. Your ADSL router will need to be added as the default gateway: route add default 10.0.0.1 Annihilannic.

 

[fonso]

Annihilannic ,
this is the first step that I'm looking for : the security would be questionable if I connect the router directly to the HUB, and it's not permitted by restrictions of the FTP server technical person.

They are controlling the access to internet from the workstations with the FTP Server.

I need another solution.

Gracias, y feliz año 2003 !.
Fonso.

 

[Annihilannic]

So you effectively have two firewalls for your normal client workstations (the router and the FTP server)? Can the one on the FTP server be set up to redirect incoming telnet connections to your OpenServer system?

Otherwise I don't think there is an easy networking solution, though I'm not a networking expert!

Perhaps it could be done if you followed Wonbondoo's suggestion of making a subnet, netmask 255.255.255.252, and have the following on it:

10.0.0.1 ADSL router
10.0.0.2 FTP server NIC 2
10.0.0.3 OpenServer system NIC 2

and route add default 10.0.0.1 on the FTP server and OpenServer system.

It's very awkward that you're using two separate 10.0.0 networks (one between the workstations and FTP server, and the other between FTP server and ADSL router) otherwise this would probably be much easier to configure. Annihilannic.