Re: Postgres database and firewall

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Bhella Paramjeet-PFCW67 wrote:
Hi

We will be setting up a production postgres database to which an
application will connect through a firewall. Can any one please tell me
if there is any configuration that needs to be done on the postgres
database side for firewall. Is there any documentation that I can refer
to. Any help will be appreciated.
Thanks
Paramjeet Bhella

If you are using NAT then you need port forwarding setup on the firewall. If not then you need to make sure it allows the pg traffic through.
Your firewall docs will show how to setup that. Default port for pg is 5432

As far as pg config goes the client ip addresses need to be allowed to connect. This is setup in pg_hba.conf

see chapter 21 http://www.postgresql.org/docs/8.3/interactive/client-authentication.html

For connections over the internet you should configure postgresql with SSL support and use something like -

hostssl    mydb  +usergroup  192.168.1.0/24  md5


The problems arise if you want to allow roaming users that can have varying ip addresses - try to find a solution that doesn't allow any computer on the net to connect.


Will you (or can you) have VPN access to the internal network?



--

Shane Ambler
pgSQL (at) Sheeky (dot) Biz

Get Sheeky @ http://Sheeky.Biz

--
Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin

[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux