[cvsnt] Partialy OT: CVSNT and Firewall/Router

keith d. zimmerman lists at kdz13.net
Fri Sep 19 22:35:49 BST 2003 

We have a guy here who does the same thing.  The problem with most NAT
implementations is that they do not deal with the inside connection
thing quite right.  Your two best bets are:

	1.  If you have control of the DNS server inside the firewall,
you could make myhost.com point to the internal address instead.  This
doesn't work if you have other services set up on other boxes inside
that you would like to access.
	2.  You can edit your {WindowsSystemDirectory}\drivers\etc\hosts
to contain a bogus entry like 
			10.3.6.183
MyCurrentCvsServer
And then you could have little batch files that swap the IP inside that
file.  Then you would do
				cvs -d:sspi:MyCurrentCvsServer:/repos co
modulename
And the ip of the server switches whenever you wish.  This is what my
coworker does - it works quite well...

BTW, you only need to open 2401.  2402 is only used on the localhost by
the server, and does not need to be open to the client.

Best of wishes,

keith d. zimmerman, mcsd 
eagle solutions

> -----Original Message-----
> From: cvsnt-bounces at cvsnt.org 
> [mailto:cvsnt-bounces at cvsnt.org] On Behalf Of Michael R. Levy
> Sent: Friday, September 19, 2003 5:29 PM
> To: cvsnt at cvsnt.org
> Subject: [cvsnt] Partialy OT: CVSNT and Firewall/Router
> 
> 
> I'm a CVSNT newbie having a problem using CVS inside/outside my
> router/firewall.
> 
> I have multiple Root files located in CVS directories in each 
> directory of
> my project.  This is the "Root" of my problem <heh heh>.
> 
> My CVSNT server is set up with NAT inside my Belkin router.  
> I have the
> Belkin's "Virtual Servers" set up to forward connections on 
> ports 2401 and
> 2402 to the CVSNT server.  When I connect using my laptop 
> from outside the
> router, I set up my WinCVS so the host address is the address of the
> router, and everything works fine.
> 
> When I try to do development work while I'm "inside" my 
> router, I can't
> connect.  Apparently the router will not route connections 
> from "inside"
> the router the way I would like it to.  I can, for example, "telnet
> 192.168.x.x 2401" and get the "bad auth protocol" but I can't "telnet
> myhost.com 2401".
> 
> If I run WinCVS's "Change CVSROOT" Macro on the project to 
> change the host
> to either the 192.168.x.x IP or to the server's net name, it 
> works fine but
> obviously that won't work when I connect from outside the firewall.
> 
> I can think of three solutions:
> 
> (A) Run "Change CVSROOT Macro" each time I move location.  (Not a very
> attractive solution.)
> (B) Find out if there is a way to avoid having the server 
> host specified in
> each of the Root files. (Is there?)
> (C) Figure a way to set up my router so requests from "inside" to the
> "outside" IP are routed properly.
> 
> Any other ideas?  Any help appreciated.
> Plus -- thanks to all who contribute to the list, I've 
> learned a lot from
> your comments!
> 
> Michael Levy
> _______________________________________________
> cvsnt mailing list
> cvsnt at cvsnt.org
> http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt
>

More information about the cvsnt mailing list