Other team need to access absence url from outside, system need to be setup not more than 10 minutes.
How to reach lan from public access and lock it to specified public ip address only ?
Using redirection is the fastest solution.
For illustration :
We have 3 computer, A, B and C. Each computer has specification.
Computer A, has ip address :
Public : 22.214.171.124
Computer B, has ip address :
Public : 126.96.36.199
Local : 188.8.131.52
Computer C, has ip address :
Local : 184.108.40.206 ( where absence script, apache etc reside)
User type address, http://220.127.116.11:8081 and they will get same page as they were access
http://www.oldaddress.com from lan.
Login to computer B via putty and open pf.conf using ee or another editor.
Snippet of pf.conf for that purpose (redirection) :
EXT = "fxp0"
INT = "em0"
LAN_clients = "18.104.22.168/16"
TCP_OPTIONS = "flags S/SAFRUP keep state"
set loginterface $EXT
scrub in on $EXT all
rdr on $EXT proto tcp from $ip_public to $ip_hosting port 8081 -> $ip_lan port 80
save the file.
Stop pf (pfctl -d)
Enable pf again (pfctl -e -f /etc/pf.conf)
Why I still can’t see the page?
Well, perhaps in computer C you have to set route for lan access to computer B.
just delete existing route will do that magic 🙂
#route delete default
#route add default 22.214.171.124
Common problem that I see when I try this method is forget to check the route 🙂
Just ask user to test, good luck.
Happy redirecting 😉