From: | Andreas Pflug <pgadmin(at)pse-consulting(dot)de> |
---|---|
To: | Markus Wollny <Markus(dot)Wollny(at)computec(dot)de> |
Cc: | James M Doherty <jim(at)jdoherty(dot)net>, pgadmin-support(at)postgresql(dot)org |
Subject: | Re: connection dropping continued |
Date: | 2004-02-18 22:56:10 |
Message-ID: | 4033ED8A.1020900@pse-consulting.de |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgadmin-support |
Markus Wollny wrote:
>I think I found out what's causing the connection dropping - it's not
>really the firewall, it's the dynamic NAT routing. Our admin doesn't
>want to set up static NAT routing for the developers though if he can
>help it - he says that this should be reserved for servers.
>
>
Huh, that sounds dubious.
Dynamic NAT for standard users to access the outer world, that's ok, but
why NAT for access of internal resources?
In a local network or VPN there's no need for NAT, because the private
address space you're probably using is well known inside the organization.
Seems to be just another example of weird stuff admins are inventing for
some not-so-well understood reasons.
Additionally, a NAT gateway may not reshuffle its ports/addresses for an
existing connection, which seems to happen here. I'd call that a bug too
(the firewall vendor will probably call it a feature, "look, we're
scrambling the ports to obfuscate data origins..." - well done!)
However, glad you found a workaround.
Regards,
Andreas
From | Date | Subject | |
---|---|---|---|
Next Message | Christopher Kings-Lynne | 2004-02-19 01:09:10 | Re: inserting new records without OIDs |
Previous Message | Markus Wollny | 2004-02-18 22:25:46 | Re: connection dropping continued |