|
Title: Port forwarding problem Post by: asyousef on Sunday 27 December 2009, 04:37:09 am Hi All,
I'm trying to make DNAT rule but it's not working and i don't know what's wrong. Please check below configuration. Access from Type: Any. Target: Uplink main - IP:w.w.w.w (IP Address of Red Zone Interface) Service/Port Service: HTTP Protocol: TCP Target Port: 80 Translate to Type: IP DNAT Policy: NAT Insert IP: x.x.x.x Port/Range: 80 Title: Re: Port forwarding problem Post by: sstillwell on Sunday 27 December 2009, 04:55:52 am Several things...
1) Try changing the Target to IP Subnet/Address and specify the exact address of the target. It SHOULDN'T make any difference, but that's how mine are set up and they work fine. 2) You don't need to put the Port number in the Translate To: box...if it's not specified, it will be the same as the target port. 3) Make sure that the "Enabled" checkbox is checked for the rule. 4) Make sure you APPLY the changes after you've saved the rule. You will NOT be able to access the external address from within the GREEN subnet unless you also do some SNAT rule as well...but it should work from the outside. Working fine here on EFW 2.3. Scott Title: Re: Port forwarding problem Post by: asyousef on Sunday 27 December 2009, 05:11:56 am Hi Scott,
Thanks for your replay. I did your below recommendations but still the same problem. Now target address: Network/IP: w.w.w.w (IP Address of Red Zone Interface). Translate to port number is empty now. Thanks. Title: Re: Port forwarding problem Post by: asyousef on Sunday 27 December 2009, 05:49:42 am Dear Scott,
Thanks again for your recommendation it's working fine now. :D Kind regards, Yusuf Title: Re: Port forwarding problem Post by: Vinbob on Thursday 31 December 2009, 01:29:43 am Scott,
I believe you have answered by current issue with your comment; "You will NOT be able to access the external address from within the GREEN subnet unless you also do some SNAT rule as well...but it should work from the outside" Is it advisable to setup a SNAT rule given that the access is not automatically provided as it would be using say a more basic LinkSys router and if so, could you kindly provide any info on how to create the matching SNAT rule to provide access from the GREEN internal network? Greatly appreciate any help/advise in advance... Cheers, Vin. Title: Re: Port forwarding problem Post by: Caizi on Tuesday 31 May 2011, 06:35:04 pm Here is SNAT-rule from Jeliasson (which applies to all DNAT-rules). This should solve problems with DNAT portforwarding rules which were not accessible from GREEN interface:
Source type: Network/IP Internet network/IPs: 0.0.0.0/0 Destination Type: Zone/VPN/Uplink Selected interfaces: GREEN Service: <ANY> Protocol: <ANY> NAT: NAT ... to source address Auto Enabled: Ticked (ofcorce) |