On Tue, 18 Feb 2014 09:34:09 +0000, tony sayer wrote:


I've a similar use of VPN (actually OpenVPN), but poke a hole in the
firewall and simply use port forwarding to the server/UDP port. I
don't use/need DMZ. If I were running www Web servers (which I kind of
thought you were) then I'd be investigating DMZ and possibly addtional
assigned IP addresses for each server. Hmmm, do Virgin even roll out
additional static addresses for home users?

No..


AIUI the 'DMZ' feature on the SH2 is just a massive port redirect where
everything incoming goes to one internal IP address. Then you just have
to worry about which ports to open. Don't need static IP address unless
the assigned one changes too often.

This may well be a problem if with VM as if you have the server at that
end the clients want to know where to look for their connection.

A varying VM IP address ain't that useful;!..

I haven't asked about one or more static addresses - it sounds expensive
:-
)

If its Virgin Media they dont have any, they use DHCP or their version
of it all the time. My IP addy has changed over time but its not that
often. For added addresses you'll have to go to another non VM
provider...

One alternative, of course, is just to have a cron job on the Pi which
checks the WAN IP address every now and then.

If it has changed, then a quick mailshot to the small user base provides
the new information.

So fine for a small proxy service, but not so much for a web site with a
wider audience.

[Although it is possible that a redirect from a domain management site
could be worked up.]

Another interesting thing is the DNS name of my link, which seems to
include a customer ID and geographical location. It may be that this
remains constant even if the IP address changes.

I will need to monitor the whole thing to establish what (if any) the
rules are.

Cheers

Dave R