Hi,

I've got a server on a DMZ behind my m0n0wall box. Previously I used NAT and port forwarding, however now I have enough public IPs for routers and the server. I've set up the boxes and the firewall...

    pass in quick proto icmp from any to x.x.28.163 keep state group 200
    pass in quick proto tcp from any to x.x.28.163 port = 80 keep state group 200
    pass in quick proto udp from any to x.x.28.160/29 port 33433 >< 33600 keep state group 200

x.x.28.162 is the firewall
x.x.28.163 is the server on the DMZ

The first rule allows for pinging the server.
The last rule allows traceroutes to pass from the WAN to the DMZ.
The second *should* allow http access to the server but doesn't work.

Has anyone got an idea why this isn't working? I know there sometimes are time delays accepting the bridge cos of the ARP on the ISP router, however I can ping and traceroute to the server but not open tcp on 80.

Oh, and I can access out from the server, just not in!

Regards
~Mat Johns
mat at cyberfish dot org