Welcome, Guest. Please login or register.
Did you miss your activation email?
Friday 15 November 2024, 05:40:44 pm

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14255 Posts in 4377 Topics by 6515 Members
Latest Member: hulteends
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  Port forwarding problem
0 Members and 2 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Port forwarding problem  (Read 12423 times)
asyousef
Jr. Member
*
Offline Offline

Posts: 4


« on: Sunday 27 December 2009, 04:37:09 am »

Hi All,

I'm trying to make DNAT rule but it's not working and i don't know what's wrong. Please check below configuration.

Access from

Type: Any.
Target: Uplink main - IP:w.w.w.w    (IP Address of Red Zone Interface)

Service/Port

Service: HTTP
Protocol: TCP
Target Port: 80

Translate to

Type: IP
DNAT Policy: NAT
Insert IP: x.x.x.x
Port/Range: 80


Logged
sstillwell
Jr. Member
*
Offline Offline

Posts: 5


« Reply #1 on: Sunday 27 December 2009, 04:55:52 am »

Several things...

1)  Try changing the Target to IP Subnet/Address and specify the exact address of the target.  It SHOULDN'T make any difference, but that's how mine are set up and they work fine.

2)  You don't need to put the Port number in the Translate To: box...if it's not specified, it will be the same as the target port.

3)  Make sure that the "Enabled" checkbox is checked for the rule.

4)  Make sure you APPLY the changes after you've saved the rule.

You will NOT be able to access the external address from within the GREEN subnet unless you also do some SNAT rule as well...but it should work from the outside.

Working fine here on EFW 2.3.

Scott
Logged
asyousef
Jr. Member
*
Offline Offline

Posts: 4


« Reply #2 on: Sunday 27 December 2009, 05:11:56 am »

Hi Scott,

Thanks for your replay.

I did your below recommendations but still the same problem.

Now target address:

Network/IP: w.w.w.w (IP Address of Red Zone Interface).

Translate to port number is empty now.

Thanks.
Logged
asyousef
Jr. Member
*
Offline Offline

Posts: 4


« Reply #3 on: Sunday 27 December 2009, 05:49:42 am »

Dear Scott,

Thanks again for your recommendation it's working fine now.  Cheesy

Kind regards,

Yusuf
Logged
Vinbob
Full Member
***
Offline Offline

Posts: 20


« Reply #4 on: Thursday 31 December 2009, 01:29:43 am »

Scott,

I believe you have answered by current issue with your comment; "You will NOT be able to access the external address from within the GREEN subnet unless you also do some SNAT rule as well...but it should work from the outside"

Is it advisable to setup a SNAT rule given that the access is not automatically provided as it would be using say a more basic LinkSys router and if so, could you kindly provide any info on how to create the matching SNAT rule to provide access from the GREEN internal network?

Greatly appreciate any help/advise in advance...

Cheers,
Vin.
Logged
Caizi
Jr. Member
*
Offline Offline

Posts: 3


« Reply #5 on: Tuesday 31 May 2011, 06:35:04 pm »

Here is SNAT-rule from Jeliasson (which applies to all DNAT-rules). This should solve problems with DNAT portforwarding rules which were not accessible from GREEN interface:

Source type: Network/IP
Internet network/IPs: 0.0.0.0/0
Destination Type: Zone/VPN/Uplink
Selected interfaces: GREEN
Service: <ANY>
Protocol: <ANY>
NAT: NAT ... to source address Auto
Enabled: Ticked (ofcorce)
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.063 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com