Re: [tlug] Connecting 2 networks

[Tim Hurman <kano-tlug@example.com>]

On Sat, Mar 29, 2003 at 11:41:32PM +0900, Batara Kesuma wrote:

<snip>

> 
> I can only access database server through Web Server A or Web Server B.
> The problem is, when I try to ssh to Database Server from Web Server A &
> B, it takes very long to connect. So I wonder maybe this is not the right
> way to connect 2 networks? Maybe I need a router for Network 2 too? 
> 

Is the database box trying to use the ident protcol to see who you are,
but the front end machines do not (should not) have it running. Try
sniffing the private network to see what packets are being produced in
reponse to your ssh connection. You may want some routing ability on your
private network anyway, especially if you want to do content updates
and/or access the database without having to use the public Internet.

Btw another thing to note when posting to lists is that it is probably not
a good idea to post details of your internal/external IP address
assignments (just obscure them). A potential intruder may use the details
in an attack against you. For instance if you do not have strict
multi-homing tuned on it may be possible to put packets with your internal
network addresses on the external interface and have them accepted.

Tim.

-- 
"ergo it is easier to drag sheep downhill" - Applied Ergonomics Magasine
Tim Hurman - Email: kano at kano.org.uk - Phone: Yeah right.