Censored network designDark site – We’ve just completed the final network design for a Client who require access to a new 3rd party web based application. This would normally be an easy task, however they are on a site that has no access to the Internet or to public DNS – “What?!”, I heard you all cry, “no internet and no public DNS!!”. This made it somewhat slightly more challenging for us, but one that we overcame by using a local hosts file, some inter firewall routing and a sprinkling of outbound destination NAT’ing on the Clients Internet facing firewalls.

How the system works (high level)

NOTE: The dark site uses a local hosts file for name resolution.

The user in the “dark site” runs the application shortcut from their desktop. This opens their web browser and makes a connection to the web server. The web server responds with a redirect to the auth server where the user authenticates. Once authenticated the auth server sets an authenticated cookie and returns a redirect URL of the 3rd party hosted system. The browser makes a connection to the 3rd party system which checks the coookie to ensure the user has authenticated.


We provide network design, integration and consultancy for all sizes of network; from a simple home deployment, right through to multi site Corporate network. Call us today to see how we can help you save costs and provide your users with a fast, secure and robust platform to work from.