Welcome, Guest. Please login or register.
Did you miss your activation email?
Friday 01 November 2024, 11:35:48 pm

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14248 Posts in 4376 Topics by 6515 Members
Latest Member: hulteends
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  Basic IP forwarding for website
0 Members and 2 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Basic IP forwarding for website  (Read 13228 times)
xlancealotx
Full Member
***
Offline Offline

Posts: 16


« on: Friday 24 June 2011, 12:28:02 am »


I have a webserver running on a private 10.10.5.144:80 standard port and works internal.  I have a router in parallel doing port forwarding and it works as expected.  On the endian, under Firewall->Port Forwarding / Destination NAT I have one rule.

Uncoming IP: Uplink ANY
Service: TCP/88
Translate to: 10.10.5.144 : 80

Now when I hit the red zone IP on the endian on port 88 I do see the connection on the firewall log with the following;
2011-06-23 10:09:18   PORTFWACCESS:ALLOW:1 TCP (eth3) 1.2.3.4:45991 -> 10.10.5.144:80 (br0)

I get numerous attempts in the logs but nothing in browser nor anything in the apache logs.  I can hit website from the other router/port forwarding as well as hit it from the internal 10.x address so is there another 'system' rule or something I am missing.  I had an issue on install just getting to ping the external which I found out through trial and error was under the 'system access' section.

Thanks
Logged
susantadutta84
Full Member
***
Offline Offline

Posts: 25


« Reply #1 on: Friday 24 June 2011, 03:36:46 pm »

Please check the screenshot for proper configuration in port port forwarding.
Logged
xlancealotx
Full Member
***
Offline Offline

Posts: 16


« Reply #2 on: Friday 24 June 2011, 11:21:35 pm »

Thanks for the reply, but the only difference is your 'user defined' service I have 'ANY' which is fine.  Plus the fact that the firewall log I included shows the connect, translation led me past this part of the config since it's already doing the translation to port 80 as seen in the log but since apache doesn't shows the connect I think it's still somewhere in Endian config.

The same problem I had with just enabling ICMP, I couldn't just make an inbound rule, I had to goto system access so thought maybe there was something else with the port forwarding.

Thanks again ....
Logged
speccompsol
Full Member
***
Offline Offline

Posts: 44


« Reply #3 on: Saturday 25 June 2011, 09:36:40 pm »

Outgoing Firewall Rule needed to allow the outbound traffic on Port 88.   While you are using the stadanrd Port 80 for traffic on the internal server and there is a default rule in the outgoing firewall to allow web traffic to the internet, your connection to and from the internet you specify is not on the standard web port from the internet.

Outgoing Firewall Rule
Source: Internal Server IP:80
Destination: Any:88

Logged
susantadutta84
Full Member
***
Offline Offline

Posts: 25


« Reply #4 on: Tuesday 28 June 2011, 02:48:58 pm »

configure outgoing firewall rule:
            Source               Destination     Service        Policy      Actions
           10.10.5.144         RED       <ANY>        ALLOW with IPS    
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.047 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com