From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1M1S6q-0002rQ-Vp for garchives@archives.gentoo.org; Tue, 05 May 2009 21:23:29 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id E5319E04B9; Tue, 5 May 2009 21:23:27 +0000 (UTC) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.187]) by pigeon.gentoo.org (Postfix) with ESMTP id 94D83E04B9 for ; Tue, 5 May 2009 21:23:27 +0000 (UTC) Received: from sascha.localnet ([78.52.63.163]) by mrelayeu.kundenserver.de (node=mreu2) with ESMTP (Nemesis) id 0MKv5w-1M1S6o38mv-00017j; Tue, 05 May 2009 23:23:26 +0200 From: Sascha Hlusiak To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] A networking question... Date: Tue, 5 May 2009 23:23:52 +0200 User-Agent: KMail/1.11.2 (Linux/2.6.29-gentoo-r2; KDE/4.2.2; i686; ; ) Cc: Steve References: <4A00A266.9070102@shic.co.uk> In-Reply-To: <4A00A266.9070102@shic.co.uk> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart5115823.Ajd6tsfOGX"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200905052324.07892.saschahlusiak@arcor.de> X-Provags-ID: V01U2FsdGVkX1/SZyoTKLjAH3G32uuWDCLpbuLwqcl2+nVeFIB 8OKp2SJtDnt8/6Kdlm6zOh8JAZ6Qdbs2GohZo47ndlKcKpDV7N 1MBdglY8f1z1eFpex8Bzi4mfsBuutPl X-Archives-Salt: 1c7cd9b5-79c6-41e3-8e38-9c407d601558 X-Archives-Hash: 8ccf8299f76b5e33cceb1159766ccda1 --nextPart5115823.Ajd6tsfOGX Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Am Dienstag 05 Mai 2009 22:32:38 schrieb Steve: > I've a gentoo box sat behind a firewall - it runs a apache and sshd with > holes punched through NAT to allow remote access. It runs DHCP and DNS > services for my LAN. > > I would like to run a second instance of apache on a fresh IP address - > to simulate a hosted environment supporting https. I need to be able to > access my second apache locally by URL on my LAN (which I can map > however I chose using my DNS config.) I also need to be able to access > this second apache from a remote site (assume gentoo again, for > simplicity) over an SSL tunnel - even if the remote server already runs > apache doing something else again. It isn't acceptable for the second > apache to be accessible publicly. =20 The easiest thing would probably be to just use ssh port forwarding because= =20 you already have all the pieces running anyway. Wouldn't a simple ssh -L 12345:secondapache:https user@remotessh and the browsing to https://localhost:12345 do the trick? Or you could use = a=20 pppd over ssh vpn, yes, but that is a bit more complex. =2D Sascha --nextPart5115823.Ajd6tsfOGX Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) iEYEABECAAYFAkoArncACgkQOyDtNneHFrMgegCgoyttVzQik7MN9/t8qsJJgeaB jDoAn3JpQq1zTcTZ6Jw3rQLz56IiJ3ky =rHA8 -----END PGP SIGNATURE----- --nextPart5115823.Ajd6tsfOGX--