[THIN] Re: Running Secured web server and CSG on same host
- From: "Berny Stapleton" <berny.stapleton@xxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Wed, 15 Feb 2006 13:11:54 -0000
Rick,
This is externally facing, I wanted to encrypt traffic to the web server
given that passwords are being transferred.
You are right, I should have thought about that a bit harder. At the
moment we are running two IP addresses and I was aiming to replicate
that config.
Berny
________________________________
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Rick Mack
Sent: 15 February 2006 12:37
To: thin@xxxxxxxxxxxxx
Subject: RE: [THIN] Running Secured web server and CSG on same host
Hi Berny,
Why make life more complicated than it has to be?
Let CSG have port 443 and redirect CSG to WI/Nfuse on the same box on
port 80. Set your IP filtering to accept a connection on port 80 from
itself only and you can forget about using SSL for WI/Nfuse.
regards,
Rick
Ulrich Mack
Volante Systems
Level 2, 30 Little Cribb Street
Coronation Drive Office Park
Milton Qld 4064
tel: +61 7 32431847
fax: +61 7 32431992
rick.mack@xxxxxxxxxxxxxx
________________________________
From: thin-bounce@xxxxxxxxxxxxx on behalf of Berny Stapleton
Sent: Wed 15/02/2006 21:32
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Running Secured web server and CSG on same host
Heya all,
What's the best way to go about this?
I have NFuse setup with a certificate, and that therefore wants to
answer on TCP/443, and CSG also defaults to TCP/443.
I am wondering whether it's possible to have an ISAPI DLL or something
loaded to pass data to the CSG process?
I was hoping to avoid binding a second IP to the box, anyone got any
clues? Preferably not to run the processes on different ports.
This box is going to be a backup box, so backup CSG, NFuse, Mail relay,
proxy server. Essentially all things internet it's being setup for. I
was hoping to get away with just giving it a single IP address and then
just changing the NAT rules for whatever box dies. Although that's still
possible with two IPs, I would have preferred to just use one.
Thanks,
Berny
______________________________________________________________________
The contents of this transmission are confidential. If you are not the
named addressee or if it has been addressed to you in error, please
notify the sender immediately and then delete this message.
Any unauthorised copying and transmission is forbidden. Electronic
transmissions cannot be guaranteed to be secure. If verification is
required, please contact the sender.
______________________________________________________________________
########################################################################
#############
This e-mail, including all attachments, may be confidential or
privileged. Confidentiality or privilege is not waived or lost because
this e-mail has been sent to you in error. If you are not the intended
recipient any use, disclosure or copying of this e-mail is prohibited.
If you have received it in error please notify the sender immediately by
reply e-mail and destroy all copies of this e-mail and any attachments.
All liability for direct and indirect loss arising from this e-mail and
any attachments is hereby disclaimed to the extent permitted by law.
########################################################################
#############
______________________________________________________________________
The contents of this transmission are confidential. If you are not the
named addressee or if it has been addressed to you in error, please
notify the sender immediately and then delete this message.
Any unauthorised copying and transmission is forbidden. Electronic
transmissions cannot be guaranteed to be secure. If verification is
required, please contact the sender.
______________________________________________________________________
Other related posts:
