Anand Shankar wrote: > The proposed scenario is that on a Web server hosted on DMZ, we have > hyperlinks. If the user out on the internet clicks on these > hyperlinks, the application/ webpages hosted on an internal web server > (192.168.*.*) are presented to the end user.
There are quite a few ways of doing this sort of a thing, one which I might try first is using a proxy for the whole site.( nginx would be the first candidate for that ). Setup a proxy around the whole website that runs on port 80 of the DMZ machine ( lets call it A ), and then run httpd services on A:8090, have ngingx from A:80 proxy everything through to A:8089. if A has connectivity to the .lan machine ( lets call it B.lan ), then you could have nginx do url matching for specific patterns, and when those patterns are seen, proxy the request back to B.lan:8090 [1] If A does not have direct access to B.lan you can either use openvpn to setup a tunnel or use ssh as a transport ( check out ssh's -L option ) to export the B.lan:8090 port over to A:8091, and config nginx accordingly. Is this the sort of thing you had in mind ? - KB [1]: Best practicies, run all production services on the same port, when run behing a proxy. _______________________________________________ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/