Sean, We keep a status for the dialup account users. When they logon, they recieve a specific IP from us denoting status (ie if they are in the billing status the ip would range from 192.168.153.*).
When we only use DNAT, the packets never make their way back to the client machine. Thats why we are routing the packet back through the proxy server. I have sniffed every possible place along the line using only the DNAT (excluding the router, and some other machines it must go through), and have seen everything working properly. Brad ----- Original Message ----- From: "Sean Estabrooks" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, August 21, 2003 1:59 PM Subject: Re: Proxy server > On Thu, 21 Aug 2003 13:53:35 -0400 > "Brad Hittle" <[EMAIL PROTECTED]> wrote: > > > This one is for all the gurus! > > > > Here is the problem: > > I'm setting up a Proxy server for my company so that it does a destination NAT on the IP. For those people that don't want to pay for our service, we want to direct them to a webpage that they can either cancel their service or agree that they will pay us. The clients use an IP in the range of 192.168.*.* (255 class C's) > > > > This is how far I've gotten: > > I've setup the machine with destination NAT and masquerading, and all of that works great. Dialup users get routed through the proxy machine and the packets coming in get their destination changed to go to one of our web servers. Then it comes back through the proxy to the client. We have tried just a normal DNAT without masquerading, but the packet goes all the way to the web server but it can't find its way back from that point. > > > > The problem we are encountering: > > Whenever a client does this, a coldfusion page is supposed to look-up their IP and retrieve their login information. It displays the username, how much they owe us, etc. What is happening is that the coldfusion page is recieving the IP for the Proxy server rather than the IP for the client machine. > > > > The question: > > Is there anyway to retrieve the IP of the client machine so we can retrieve their information? > > > > > > Thanks in advance for all the help, it is greatly appreciated!! > > > > Brad Hittle > > Brad, > > The setup you're proposing will likely have many problems. > People on dialup service get a different IP everytime they connect. > Many people share an IP from behind a firewall.. etc. etc. > > Having said that, if you are only using DNAT then the > source address is not changed at all and you should be able > to simply use it. > > Cheers, > Sean > > > > -- > redhat-list mailing list > unsubscribe mailto:[EMAIL PROTECTED] > https://www.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
