Welcome, Guest. Please login or register.
Did you miss your activation email?
Wednesday 27 November 2024, 10:50:55 am

Login with username, password and session length

Download the latest community FREE version  HERE
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  publishing web server from behind a efw green zone to red zone with public IP
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: publishing web server from behind a efw green zone to red zone with public IP  (Read 26717 times)
popat
Jr. Member
*
Offline Offline

Posts: 7


« on: Saturday 03 April 2010, 05:19:00 am »

I have strang problem, i have installed efw 2.3 this morning and I am trying to publish one web server  for out side user. i have try using destination NAT , but no luck may be i didn't understand configuration right, can someone walk me thru. we have sevaral external IP available to publish this web server.
Logged
koukobin
Full Member
***
Offline Offline

Posts: 24


« Reply #1 on: Saturday 03 April 2010, 07:07:30 am »

Please post a screenshot from your rule in "destination nat" that you are using to publish your web server.
Logged
popat
Jr. Member
*
Offline Offline

Posts: 7


« Reply #2 on: Wednesday 07 April 2010, 01:07:19 am »

sorry for late response,i am trying to 1:1 NAT for this web server cause I have multiple site and server, BTW here is screen shot. I have not configure anything else on this FW.
Logged
gyp_the_cat
Full Member
***
Offline Offline

Posts: 81



WWW
« Reply #3 on: Wednesday 07 April 2010, 02:00:46 am »

Hi popat,

You say you have multiple IP addresses on the WAN side, I assume that Endian is using one of the IP addresses that you want to use for the web server?

Does your webserver at 10.10.1.248 have as it's gateway the IP address of the green interface of the Endian?

Gyp
Logged
popat
Jr. Member
*
Offline Offline

Posts: 7


« Reply #4 on: Wednesday 07 April 2010, 02:40:22 am »

here is my configuration.
efw LAN IP 192.168.1.1/24, WAN IP 10.10.1.119/24
web server LAN IP 192.168.1.10

I am trying to assign WAN IP 10.10.1.248 to web server and access web site.
Logged
gyp_the_cat
Full Member
***
Offline Offline

Posts: 81



WWW
« Reply #5 on: Wednesday 07 April 2010, 05:20:38 am »

In the network setup (System - Network Configuration), have you assigned both the IP addresses onto the red interface?

For instance got 10.10.1.119/24 as the main IP and 10.10.1.248/24 in the additional IP addresses box?

Then have you made sure to have selected the right incomming IP in the port forwarding rule?
Logged
popat
Jr. Member
*
Offline Offline

Posts: 7


« Reply #6 on: Wednesday 07 April 2010, 05:23:46 am »

so another word if i want to use 1:1 NAT for IP address. I have to add easch address to red zone ?
Logged
gyp_the_cat
Full Member
***
Offline Offline

Posts: 81



WWW
« Reply #7 on: Wednesday 07 April 2010, 05:26:28 am »

Hi popat, I believe so yes.
Logged
popat
Jr. Member
*
Offline Offline

Posts: 7


« Reply #8 on: Wednesday 07 April 2010, 05:34:12 am »

OK, I will test it later. I have to go.

Thanks for quick reply
Logged
gyp_the_cat
Full Member
***
Offline Offline

Posts: 81



WWW
« Reply #9 on: Wednesday 07 April 2010, 05:35:42 am »

No problem Smiley  Let us know how you get on.
Logged
popat
Jr. Member
*
Offline Offline

Posts: 7


« Reply #10 on: Thursday 08 April 2010, 01:08:47 am »

here is confusion, with each IP attached to red zone, they can see FW itself too. is there another way to setup this one to one nat for this EFW?
Logged
Steve
Sr. Member
****
Offline Offline

Posts: 108



WWW
« Reply #11 on: Thursday 08 April 2010, 09:20:39 am »

In your attached image you are forwarding to IP 10.10.1.248 but you don't have the port you are forwarding to.

In the field Port/Range (e.g. 80, 80:88) you need to provide a port - 80 in your case.
Logged

                          
popat
Jr. Member
*
Offline Offline

Posts: 7


« Reply #12 on: Friday 09 April 2010, 12:29:39 am »

thanks for reply. I got it working, but now issue is how do i setup one-to-one NAT by assign all my wan IP to red zone my firewall have multiple IP from wan access. so any hacker can hack to my firewall with mutiple address. in my case, I wanted to setup one-to-one NAT but not have multiple ip assign to red zone, that way my firewall has only one address. 
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.125 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com