Title: NAT in 2.3
Post by: carlkb on Monday 07 June 2010, 06:12:15 am

I am switching from Guide Dog/Guard Dog to efw so I can use a VPN, intrusion detection, virus scanning (on the firewall), etc.
I am using 2.3 because the ISO for 2.4 would not install on my computers (dedicated Dell T105 and T110).

I have set up a simple network to test the firewalls:

Red - 174.141.46.204
Green - 192.168.0.49
Orange - 10.10.10.49

There are two servers on the orange network and one workstation on the green network. I can access efw from the workstation on the green network.

I have tried to get two (simple) things to work:

1. Forward red zone traffic on port 8080 to a Tomcat server in the orange zone:

   Access from: Zone/VPN/Uplink ... <ANY uplink>
   Target: Zone/VPN/Uplink ... <ANY Uplink>
   Filter policy: Allow
   Service/Port:
      Service: <ANY>
      Protocol: TCP
      Target port: 8080
   Translate to:
      Type: IP
      DNAT Policy: NAT
      Insert IP: 10.10.10.40
      Port: 8080

   Both 'Enabled' and 'Log' are checked.

2. Allow traffic between zones (Inter-zone traffic... green to orange):

   Source: Zone/Interface
      Interface: GREEN
   Destination: Zone/Interface
      Interface: ORANGE
   Service/Port:
      Service: <ANY>
      Protocol: <ANY>
   Policy:
      Action: ALLOW

   Both 'Enabled' and 'Log' are checked.

From the firewall computer, I can ping computers/servers on every network. I can ping 'google'.

I see nothing in any of the logs (only traffic between the firewall computer and my workstation).

I cannot ping the external IP or any IPs outside the subnet (e.g., on 10.10.10.40, I can ping 10.10.10.15 but not 192.168.0.106).

I have read (and tried) everything I can find in this forum and by googling but have been unable to get it to work.

Anyone have any ideas?

TIA,
Carl

Title: Re: NAT in 2.3
Post by: carlkb on Wednesday 09 June 2010, 10:06:40 am

Anyone have any ideas?
I really can't figure it out and I am running very short on time.

Thanks,
Carl