gabriel rosenkoetter on Sat, 11 Aug 2001 09:16:28 -0400


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Accessing IP-dependent pages from home... (detach me)


On Sat, Aug 11, 2001 at 08:47:13AM -0400, Guillermo Moyna wrote:
> You are right. I cannot ping my office machine from the outside... I 
> think that the 10.0.x.x range is wired to a server which goes out, 
> and this one is the one recognized as 'friend' by the 
> databases/digital libraries servers.

Yep. I'm purely guessing here based on my experience with other
academic institutions, but I would say that your 10net is behind a
Cisco PIX firewall (or another embedded system that does the same
work), which is doing some kind of network address translation
(NAT). The school probably does have externally-addressable IP
addresses mapped over some portion of your 10net, but they may very
well not have any for your machines. (That is, to the outside world,
most of the stuff that's in 10.whatever looks like the same IP
address, but a couple machines may look like specific IP addresses.)

> This is probably the best bet. However, the linux machine to which I 
> have access (tonga) is on a 208.7.x.x range. Could I install a second 
> NIC on this machine and set it to, say, DHCP, so that it picks one of 
> the 10.1.x.x IP's?

Yes. If you already have one externally addressable IP address on
your Linux machine, then doing what you describe (called
multihoming, btw) will work as long as there is an ethernet port you
can plug the Linux machine into that is on the right (physical)
ethernet segment to reach the DHCP server. (I'm guessing that's not
hard; all the ports in that conference room which you've kindly been
letting PLUG use popped up on 10.1.yadda, so you probably have a
similar port in your office.)

You should either make sure that your machine is not vulnerable to
any nasty remote attacks for yourself, or check with your site's
security policy about doing this kind of multihoming dance first.
(Depends on how concientious you want to be and how bureaucratic USP
is about this kind of thing.)

> I guess that was it. Probably one of verizon's 
> switches/boxes/whatevers got zapped with lightning and died. To add 
> to the aggravation, they don't have technicians to fix it, according 
> to them, until Monday (sigh).

Hey, at least it's under a week. ;^>

-- 
       ~ g r @ eclipsed.net


______________________________________________________________________
Philadelphia Linux Users Group       -      http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion  -  http://lists.phillylinux.org/mail/listinfo/plug