Welcome, Guest. Please login or register.
Did you miss your activation email?
Monday 25 November 2024, 03:44:03 am

Login with username, password and session length

Visit the official Endian Community Mailinglist  HERE
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  EWF Community 3.0.devel incoming routed traffic
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: EWF Community 3.0.devel incoming routed traffic  (Read 13150 times)
MattHo
Jr. Member
*
Offline Offline

Posts: 7


« on: Thursday 09 April 2015, 05:26:39 pm »

Hi All,

I'm a newbie of EFW.

I got 3 public IPs (1.1.1.1 - 1.1.1.3), I'm planning to setup 2 mail server (10.10.10.1 - for POP3 & IMAP) and other mail server (10.10.10.2 - SMTP & Web) behind the firewall (in 1 Ethernet port), below is my current setting.

1/ on Firewall > Port forwarding / NAT, I set 1.1.1.1 (ANY - ALLOW with IPS) to 10.10.10.1
2/ on Firewall > Source NAT, I set all out-going email from 10.10.10.1 & 10.10.10.2 will be redirect to 1.1.1.3
3/ on Firewall > Incoming routed traffic, I set 1.1.1.3 (ANY - ALLOW with IPS) to 10.10.10.2

Under Network tab > Interface, I've created 1 uplink only.
Main Uplink - 1.1.1.1
- Add additional addresses (1.1.1.2/24 - 1.1.1.3/24)

Above setting is working well except point 3 (1.1.1.3), I cannot connect to this server. Any one can give me a hits of this?  Huh

Many thanks.
Logged
speccompsol
Full Member
***
Offline Offline

Posts: 44


« Reply #1 on: Friday 10 April 2015, 05:13:10 am »

Your "3" Rule should be Port Forwarding as you did with rule "1"
Logged
MattHo
Jr. Member
*
Offline Offline

Posts: 7


« Reply #2 on: Monday 13 April 2015, 11:42:04 am »

Your "3" Rule should be Port Forwarding as you did with rule "1"

Hi speccompsol,

Thanks for your reply.

Sorry for my typing mistake, the correct planning should look like below:
...
1/ on Firewall > Port forwarding / NAT, I set 1.1.1.1 (ANY - ALLOW with IPS) to 10.10.10.1
2/ on Firewall > Source NAT, I set all out-going email from 10.10.10.1 & 10.10.10.2 will be redirect to 1.1.1.3
3/ on Firewall > Incoming routed traffic, I set 1.1.1.2 (ANY - ALLOW with IPS) to 10.10.10.2
...


I've tried to remove all my rules under Firewall > Port Forwarding / NAT.
Then add 1.1.1.1 (ANY - ALLOW with IPS) to 10.10.10.1 and 1.1.1.2 (ANY - ALLOW with IPS) to 10.10.10.2
But it still same, I cannot connect to 10.10.10.1 & 2 also this time.

Would you mind advise me the correct step?
Many thanks for your help.
Logged
Timmeh
Full Member
***
Offline Offline

Posts: 34


« Reply #3 on: Monday 13 April 2015, 07:27:23 pm »

Did you check the logs to see if the connection was being made / blocked / allowed?
Logged
MattHo
Jr. Member
*
Offline Offline

Posts: 7


« Reply #4 on: Tuesday 14 April 2015, 02:35:04 pm »

Apr 14 12:31:03   INPUT:DROP   eth0   TCP   14... 50280   1.1.1.2   80

The connection is blocked, is I missing something?
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.078 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com