How do I make DNS work with a firewall?page up: Firewalls FAQnext page: 46 How do I make Telnet work through my firewall?
Generally, making FTP work through the firewall is done either using a proxy server such as the firewall toolkit’s ftp-gw or by permitting incoming connections to the network at a restricted port range, and otherwise restricting incoming connections using something like “established” screening rules. The FTP client is then modified to bind the data port to a port within that range. This entails being able to modify the FTP client application on internal hosts. In some cases, if FTP downloads are all you wish to support, you might want to consider declaring FTP a “dead protocol” and letting you users download files via the Web instead. The user interface certainly is nicer, and it gets around the ugly callback port problem. If you choose the FTP-via-Web approach, your users will be unable to FTP files out, which, depending on what you are trying to accomplish, may be a problem. A different approach is to use the FTP “PASV” option to indicate that the remote FTP server should permi
Related Questions
- How might I increase the security and scalability of my DMZ?page up: Firewalls FAQnext page: 33 How can I block all of the bad stuff?
- How do I make DNS work with a firewall?page up: Firewalls FAQnext page: 46 How do I make Telnet work through my firewall?
- What can a firewall protect against?page up: Firewalls FAQnext page: 12 What about viruses?
