Hey guys,
Got a quick question. I have a Win2k3 Domain Controller behind a hardware firewall. The Win2k3 DC is running DNS services for the domain. I am using No-IP Dynamic DNS to manage my domain name, and all requests for my TLD are going through the hardware firewall, where port forwarding is forwarding them on to my domain controller.
For security reasons, I would like to have my domain controller not exposed at all to the internet. I have several other Win2k3 servers I would like to access as terminal servers and web servers. Right now, I have to enter a special port to access them. For example, for "SERVER2" (a terminal server) I have to log on to remote desktop as <my domain>:3390 in order for the port to be routed to the right server.
How can I enable NAT/DNS/my firewall to port forward based on the hostname? For example: connecting to server1.<mydomain>.com would forward all the correct ports (3389 for RDP and 80 for WWW) and connecting to server2.<mydomain>.com would get forwarded to server2?
I have read on the internet that this is "impossible due to restrictions in NAT", but that doesn't seem right, because I know IIS handles host headers and you can set up multiple sites on IIS using several hostnames but only one IP. That doesn't seem like much of a leap to make it work for all protocols.