-2

I've been asked to develop an intranet website for a small company. This is something I can do, but I'm struggling with the deployment/network part where I am a total beginner.

Here is the network infrastructure of the organization:

WiFi access point----Linux server (Debian)----ISP router

The Linux server has bridged interfaces (through the use of bridge-utils) and is mainly used for logging the traffic. They have installed an Apache web server on the server and asked me to deploy my website there and redirect all user requests to www.company.com to the intranet website instead of reaching the company website www.company.com on the Web.

Can you tell me how to achieve this redirection ? What custom iptables -if possible- rules do I have to use ? Any other better option (is it possible to force the use of a local DNS...) ?

Thanks a lot for your help.

Fred
  • 1
  • Well, I've been doing more research on forums than testing so far. My first guess was that I could redirect the clients to a local DNS server on the Debian server. I've tried to change the dns-nameservers value in the bridge settings of /etc/network/interfaces but it (seems to) only apply to the Debian server, the clients still reach their usual DNS servers. I've played with the iptables rules but they don't seem to be effective, from what I've read on the forums there are ebtables ? Well, if someone could point me to the simplest solution, I will be happy to do some digging. Thanks :) – Fred Sep 22 '17 at 12:58

1 Answers1

3

This is outside of the scope of developing an intranet for this client and they shouldn't be asking you to do it for them.

This needs to be done in DNS. They need to create an internal DNS record (or zone) for www.company.com that resolves to the ip address of the internal web server. As such, this is a task for their network or system administrator, not you, and you should inform them of that.

joeqwerty
  • 109,901
  • 6
  • 81
  • 172
  • I totally agree about the DNS zone but this Debian server is the only component I can access. The IT is outsourced and they cannot help for now. The only thing I can think of is replace the Debian server with a raspberry running a webserver and local DNS server/zone. Is it possible to have the same behaviour (i.e. traffic routing from eth0 to eth1, without bridge capability) and modify the DNS zone on the raspberry to redirect to the intranet ?). That would be an acceptable POC. Thanks. – Fred Sep 22 '17 at 14:25