This is a basic network diagram: an application server hosting a web site and communication middleware (it distributes news; there are multiple services; clients access it by IP + port to log in). Currently, public users access the communication middleware (through a port mapping that points to the application server) without any problems and it works normally (as shown by the red arrows in the figure).
But intranet users can't access it via public IP + port; their traffic takes the internal network path (as shown by the yellow arrow in the figure). How do I add a policy on the firewall so that intranet users who use public IP + port have their traffic go out to the external network and come back in to reach the communication middleware (as shown by the blue arrow in the figure), achieving normal access to the communication middleware? Experts, please help!
The situation is as follows:
1. The communication middleware cannot be configured with the intranet IP + port; if it is configured with the intranet IP, users coming through the public IP can't access it,
2. The communication middleware's login service can only log in using IP + port; it can't use a domain name,
3. The two external network IPs are the same as the Internet access to the UTM,
4. The UTM is an H3C U200-A
CodePudding user response:
The UTM is supposed to be a firewall! Your public address can be configured on the server
You must still use the internal network address on the server
On the UTM, do NAT to map the internal server address to the public IP
On H3C equipment, if you also do the same NAT on the internal interface as on the external interface, internal users can access your intranet server through the public IP
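
Added example (not part of the original thread and not H3C configuration): a toy Python model of why a port mapping bound only to the external interface does not serve intranet clients, and what changes when the same mapping is added on the internal interface. All addresses, class names and function names are constructed; the same-subnet layout and the extra source-NAT step are assumptions, not stated in the thread.

```python
from dataclasses import dataclass, replace

# Constructed sample addresses (documentation ranges), not from the thread.
PUBLIC_IP, SERVER_IP, FW_INSIDE_IP, PORT = "203.0.113.10", "192.168.1.10", "192.168.1.1", 9000

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int

class Firewall:
    """Toy model (hypothetical): port mappings are bound to an ingress interface."""
    def __init__(self):
        self.mappings = {}            # (iface, public_ip, port) -> inside server IP
        self.snat_on_inside = False   # also rewrite the source for inside clients

    def add_mapping(self, iface, public_ip, port, inside_ip):
        self.mappings[(iface, public_ip, port)] = inside_ip

    def forward(self, iface, pkt):
        inside_ip = self.mappings.get((iface, pkt.dst, pkt.dport))
        if inside_ip is None:
            return None               # no mapping on this interface
        out = replace(pkt, dst=inside_ip)
        if iface == "inside" and self.snat_on_inside:
            out = replace(out, src=FW_INSIDE_IP)
        return out

def access(fw, iface, client_ip):
    delivered = fw.forward(iface, Packet(client_ip, PUBLIC_IP, PORT))
    if delivered is None:
        return "no mapping on " + iface
    # Assumption: inside clients share the server's subnet, so a reply sent to
    # the client's real IP skips the firewall and arrives from SERVER_IP.
    if iface == "inside" and delivered.src == client_ip:
        return "reply bypasses firewall"
    return "ok"

def demo():
    fw, results = Firewall(), []
    fw.add_mapping("outside", PUBLIC_IP, PORT, SERVER_IP)
    results.append(access(fw, "outside", "198.51.100.7"))   # public user
    results.append(access(fw, "inside", "192.168.1.50"))    # intranet user
    fw.add_mapping("inside", PUBLIC_IP, PORT, SERVER_IP)     # same NAT on inside
    results.append(access(fw, "inside", "192.168.1.50"))
    fw.snat_on_inside = True                                 # plus source NAT
    results.append(access(fw, "inside", "192.168.1.50"))
    return results
```

If the intranet clients and the server sit on different subnets routed through the UTM, the reply already passes back through the firewall and the source-NAT step in the model is not needed.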