Re: [netfilter] Re: iptables problem (nfcan: addressed to exclusive sender for this address)


 



On 2005.11.03 01:45, Ashley M. Kirchner - ashley@xxxxxxxxxx wrote:

>> Maybe you can let the kiosk hosts connect to the server and perform GET
>> and PUT commands. The server then only has to put the needed updates in
>> a specific directory where the kiosk hosts can download them from. This
>> way the hosts themselves don't have to be reachable on the internet
>> which would be better from a security point of view.
>
> Thanks for the explanation Rob.
>
> I can't control what happens on the server side. That's a third party company. I figured regardless of me being able to forward port 21 to one of these machines without a problem, I can't do it for all three. So I think I'm screwed either way. Grrr...

OK, here is how I understand your situation:
Each kiosk must have a distinct identity to the outside service.
A kiosk must play the role of an ftp server.
A server has to listen on a well known port.
The outside system can only use the standard ftp port.
(This does seem a rather inflexible design, but ...)
The only other way to distinguish servers is the IP address.

So, maybe you can get more IP addresses.

Some ISPs allow you to have more than one public IP.
(Sometimes they want a few bucks extra rent :-)

You can arrange to have the firewall in question
respond to 3 IP addresses on the outside interface and
forward the now distinct traffic to the 3 kiosks.
If this is possible, it might be better than being screwed.

HTH

--
Jim Laurino
nfcan.x.jimlaur@xxxxxxxx
Please reply to the list.
Only mail from the listserver reaches this address.
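
Added example, not part of the original message: a sketch of the "three outside IP addresses, one per kiosk" arrangement suggested above, written as a script that prints the commands rather than applying them. The interface name, all addresses, and the idea that the third-party service connects from one fixed address are assumptions; restricting the source to that address keeps the kiosks from being reachable by the whole internet.

```shell
#!/bin/sh
# Emit (do not apply) the commands for one public IP per kiosk.
# Every address below is a constructed placeholder from documentation ranges.

EXT_IF="eth0"              # assumed outside interface
VENDOR="198.51.100.10"     # assumed fixed address of the third-party FTP client
# public_ip:kiosk_ip pairs (hypothetical)
MAP="203.0.113.11:192.168.1.11 203.0.113.12:192.168.1.12 203.0.113.13:192.168.1.13"

gen_rules() {
    # FTP opens separate data connections; the helpers let the firewall
    # track and translate them (module names as on current kernels).
    echo "modprobe nf_conntrack_ftp"
    echo "modprobe nf_nat_ftp"
    # Current kernels need the helper assigned explicitly.
    echo "iptables -t raw -A PREROUTING -i $EXT_IF -p tcp --dport 21 -j CT --helper ftp"
    for pair in $MAP; do
        pub=${pair%%:*}
        kiosk=${pair##*:}
        # Make the firewall answer for the extra public address.
        echo "ip addr add $pub/32 dev $EXT_IF"
        # Port 21 on this public IP goes to this kiosk only.
        echo "iptables -t nat -A PREROUTING -i $EXT_IF -s $VENDOR -d $pub -p tcp --dport 21 -j DNAT --to-destination $kiosk"
        # Allow the forwarded control connection, from the vendor only.
        echo "iptables -A FORWARD -i $EXT_IF -s $VENDOR -d $kiosk -p tcp --dport 21 -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Replies and helper-tracked data connections.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}

gen_rules
```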

