Bhella Paramjeet-PFCW67 wrote:
Hi
We will be setting up a production postgres database to which an
application will connect through a firewall. Can any one please tell me
if there is any configuration that needs to be done on the postgres
database side for firewall. Is there any documentation that I can refer
to. Any help will be appreciated.
Thanks
Paramjeet Bhella
If you are using NAT then you need port forwarding setup on the
firewall. If not then you need to make sure it allows the pg traffic
through.
Your firewall docs will show how to setup that. Default port for pg is 5432
As far as pg config goes the client ip addresses need to be allowed to
connect. This is setup in pg_hba.conf
see chapter 21
http://www.postgresql.org/docs/8.3/interactive/client-authentication.html
For connections over the internet you should configure postgresql with
SSL support and use something like -
hostssl mydb +usergroup 192.168.1.0/24 md5
The problems arise if you want to allow roaming users that can have
varying ip addresses - try to find a solution that doesn't allow any
computer on the net to connect.
Will you (or can you) have VPN access to the internal network?
--
Shane Ambler
pgSQL (at) Sheeky (dot) Biz
Get Sheeky @ http://Sheeky.Biz
--
Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin