popat
Jr. Member
 Offline
Posts: 7
|
 |
« on: Saturday 03 April 2010, 05:19:00 am » |
|
I have strang problem, i have installed efw 2.3 this morning and I am trying to publish one web server for out side user. i have try using destination NAT , but no luck may be i didn't understand configuration right, can someone walk me thru. we have sevaral external IP available to publish this web server.
|
|
|
|
|
Logged
|
|
|
|
|
koukobin
|
|
« Reply #1 on: Saturday 03 April 2010, 07:07:30 am » |
|
Please post a screenshot from your rule in "destination nat" that you are using to publish your web server.
|
|
|
|
|
Logged
|
|
|
|
popat
Jr. Member
Offline
Posts: 7
|
|
« Reply #2 on: Wednesday 07 April 2010, 01:07:19 am » |
|
sorry for late response,i am trying to 1:1 NAT for this web server cause I have multiple site and server, BTW here is screen shot. I have not configure anything else on this FW.
|
|
|
|
|
Logged
|
|
|
|
|
gyp_the_cat
|
|
« Reply #3 on: Wednesday 07 April 2010, 02:00:46 am » |
|
Hi popat,
You say you have multiple IP addresses on the WAN side, I assume that Endian is using one of the IP addresses that you want to use for the web server?
Does your webserver at 10.10.1.248 have as it's gateway the IP address of the green interface of the Endian?
Gyp
|
|
|
|
|
Logged
|
|
|
|
popat
Jr. Member
Offline
Posts: 7
|
|
« Reply #4 on: Wednesday 07 April 2010, 02:40:22 am » |
|
here is my configuration.
efw LAN IP 192.168.1.1/24, WAN IP 10.10.1.119/24
web server LAN IP 192.168.1.10
I am trying to assign WAN IP 10.10.1.248 to web server and access web site.
|
|
|
|
|
Logged
|
|
|
|
|
gyp_the_cat
|
|
« Reply #5 on: Wednesday 07 April 2010, 05:20:38 am » |
|
In the network setup (System - Network Configuration), have you assigned both the IP addresses onto the red interface?
For instance got 10.10.1.119/24 as the main IP and 10.10.1.248/24 in the additional IP addresses box?
Then have you made sure to have selected the right incomming IP in the port forwarding rule?
|
|
|
|
|
Logged
|
|
|
|
popat
Jr. Member
Offline
Posts: 7
|
|
« Reply #6 on: Wednesday 07 April 2010, 05:23:46 am » |
|
so another word if i want to use 1:1 NAT for IP address. I have to add easch address to red zone ?
|
|
|
|
|
Logged
|
|
|
|
|
gyp_the_cat
|
|
« Reply #7 on: Wednesday 07 April 2010, 05:26:28 am » |
|
Hi popat, I believe so yes.
|
|
|
|
|
Logged
|
|
|
|
popat
Jr. Member
Offline
Posts: 7
|
|
« Reply #8 on: Wednesday 07 April 2010, 05:34:12 am » |
|
OK, I will test it later. I have to go.
Thanks for quick reply
|
|
|
|
|
Logged
|
|
|
|
|
gyp_the_cat
|
|
« Reply #9 on: Wednesday 07 April 2010, 05:35:42 am » |
|
No problem  Let us know how you get on. |
|
|
|
|
Logged
|
|
|
|
popat
Jr. Member
Offline
Posts: 7
|
|
« Reply #10 on: Thursday 08 April 2010, 01:08:47 am » |
|
here is confusion, with each IP attached to red zone, they can see FW itself too. is there another way to setup this one to one nat for this EFW?
|
|
|
|
|
Logged
|
|
|
|
|
Steve
|
|
« Reply #11 on: Thursday 08 April 2010, 09:20:39 am » |
|
In your attached image you are forwarding to IP 10.10.1.248 but you don't have the port you are forwarding to.
In the field Port/Range (e.g. 80, 80:88) you need to provide a port - 80 in your case.
|
|
|
|
|
Logged
|
|
|
|
popat
Jr. Member
Offline
Posts: 7
|
|
« Reply #12 on: Friday 09 April 2010, 12:29:39 am » |
|
thanks for reply. I got it working, but now issue is how do i setup one-to-one NAT by assign all my wan IP to red zone my firewall have multiple IP from wan access. so any hacker can hack to my firewall with mutiple address. in my case, I wanted to setup one-to-one NAT but not have multiple ip assign to red zone, that way my firewall has only one address.
|
|
|
|
|
Logged
|
|
|
|
|
Author