EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Sunday 01 December 2024, 10:40:02 am
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
Get the new Updates directly from Endian
HERE
14261
Posts in
4377
Topics by
6517
Members
Latest Member:
Sandro
Search:
Advanced search
EFW Support
Support
Installation Support
Port Forward- IS changing SYN packets to ACKs??
0 Members and 0 Guests are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: Port Forward- IS changing SYN packets to ACKs?? (Read 9182 times)
yeganeh
Jr. Member
Offline
Gender:
Posts: 2
Port Forward- IS changing SYN packets to ACKs??
«
on:
Sunday 01 August 2010, 10:46:37 pm »
I’m using Endian 2.3 and trying to forward
192.168.70.0 /24
port
4100
traffic to the internal server which is located on the green network with IP
192.168.40.40
port
7100
. To configure this scenario I followed these steps:
1-
Port Forwarding/ NAT
>
Destination NAT
1-1
Access From
: Network IP/Range:
192.168.70.0 /24
1-2 Target: Zone/VPN/Uplink: ANY Uplink
1-3 Filter Policy: ALLOW
1-4 Service: ANY , Protocol: TCP,
Target
:
4100
1-5 Translate to: IP, DNAT Policy: NAT
1-6 Insert IP:
192.168.40.40
, port:
7100
2-
Outgoing Traffic
2-1
Source
: Network/IP ,
IP: 192.168.40.40
2-2:
Destination:
Network/IP, IP:
192.168.70.0 /24
2-3 Service: ANY, Protocol: TCP, Destination Port: 4100
2-4 Policy: ALLOW
3-
System Access
3-1 Source address:
192.168.70.0/24
3-2: Source Interface:
RED
3-3 Service: ANY, Protocol: TCP, Destination Port:
7100
3-4 Policy: ALLOW
Unfortunately, the DNAT rule is not working as planned.
I monitored the connections in the status section of the Endian system and I can see that the DNAT properly directs the packets and I monitored the my server (IP 192.168.40.40) with
TCPDUMP
and I found that the server receive packets but unfortunately the connection is not been built because the initial
SYN packets
from my client to my server is being translated by Endian Firewall into
ACK packets
which is preventing the initial 3 way handshake establishing.
TCPDUMP of 192.168.40.40
IP
192.168.70.92
.50924 >
192.168.40.40.7100
: S 1705309870:170530
9870(0) win 5840 <mss 1460,
sackOK
,timestamp 1791227116[|tcp]>
0x0000: 4500 003c 1f9b 4000 3f06 f7d5 c0a8 7723 E..<..@.?.....w#
0x0010: c0a8 2bd7 c6ec 0016 65a4 f6ae 0000 0000 ..+.....e.......
0x0020: a002 16d0 89de 0000 0204 05b4 0402 080a ................
0x0030: 6ac3 f4ec 0000 j.....
Am I missing something simple here?
What should I do to solve this problem
??
Thanks in advance for you help...
Logged
Yeganeh
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.054 seconds with 19 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com