How to access a webserver on external network from local network

networkingPROXYrouting

network diagram

I'm trying to make it possible to access a webserver on another network (A) from my local network (C).

They have a router on our end which I cannot access directly to make any changes, If I connect the cable(B) from this router to a pc I'm able to access the webserver with proper IP configuration. But obviously I cannot connect the (B) to main switch as it needs IP configuration.

I want the whole local network to be able to access this webserver (B).

Access I mean as in through browser. Internal proxy is running fedora with squid which is connected to the internet, and only means of access to the external webserver is through (B).

I hope it's clear, with that super diagram and all.

EDIT: Let me know if it's possible by editing router configuration too, it's a juniper.

Thank you guys, great community!

Best Answer

Ok, so you can connect a single device to that "router", and it gets a single IP address on the remote network. Looks bad, maybe it's just acting as a bridge. Whatever.

You can use your own router, then; buy one (or get a PC with two network cards and your favourite OS) and give it that IP address on the remote network, then use it to let your own network talk to the remote one.

You'll need NAT, because you can't use plain routing here; computers in the remote network would never know how to reach yours. So you need to setup a NAT router (quite easy with both Windows RRAS or Linux IPTABLES) which has your own LAN as its internal/private network and a cross-link to the other router as its external/public one; configure it for NAT, and add a route to your main router stating that you can reach the remote network through this new router.

A little example (can't draw diagrams now):

---------  -----------  ---------------------------  ---------  ------------- 
|10.1.35|--|ROUTER(?)|--|10.1.35.235 | 10.1.36.42 |--|10.1.36|--|Main Router|->
---------  -----------  ---------------------------  ---------  -------------

The thing in the middle is your NAT device; it has two interfaces, and the NAT direction is towards the 10.1.35 network; so it gets 10.1.35.235 on its "public" interface; its "private" one is connected to your LAN. Then add a route to your main router (the default gateway for your network) stating "to reach 10.1.35, go through 10.1.36.42". Done.

Related Topic