Re: [m0n0wall] 1:1 NAT works ok, but there's a catch?

From:	"Ed Chatlos" <edchat at bellsouth dot net>
To:	"M0n0Wall" <m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] 1:1 NAT works ok, but there's a catch?
Date:	Sat, 19 Nov 2005 23:18:44 -0500
First you can't forward the same ports to 2 different LAN IP addresses. You 
have 2 entries that use the same ports going to 2 different LAN IPs. That 
won't work.
----- Original Message ----- 
From: <brett at woollum dot com>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Saturday, November 19, 2005 11:07 PM
Subject: RE: [m0n0wall] 1:1 NAT works ok, but there's a catch?


> Ok, I have gone to Firewall:Rules:WAN and entered the following:
>
> Protocol/Source IP/Source Port/Dest IP/Dest Port/Description
> TCP/UDP  *  *  192.168.1.1  80            HTTP
> TCP/UDP  *  *  192.168.1.3  20-21       FTP
> TCP/UDP  *  *  192.168.1.3  80            HTTP
> TCP/UDP  *  *  192.168.1.3  5800-6000 VNC Server
> TCP/UDP  *  *  192.168.1.4  5800-6000 VNC Server
>
> My WAN interface is addressed as x.193.
> In Firewall:NAT:1:1 I have the following:
>
> Interface/Ext IP/Int IP/Decription
> WAN  XXX.XXX.XXX.198/32  192.168.1.4/32  Maincomputer
> WAN  XXX.XXX.XXX.198/32  192.168.1.3/32  Server PC
>
> In Services:Proxy ARP I have:
> Interface/Network/Description
> WAN  XXX.XXX.XXX.198  Description 1
> WAN  XXX.XXX.XXX.205  Description 1
> WAN  XXX.XXX.XXX.209  Description 1
> WAN  XXX.XXX.XXX.251  Description 1
>
> After everything is applied and tested, it still will not work properly.
> I can log onto my AOL client (which allows it to come from outside the
> network) or even try from work and I get nothing on any of the port
> 80's.. Not the monowall, not the server, no VNC.... If anyone can tell
> me what other feature I need to add to make it work that would be
> great!
>
> To recap my network:
> I have 5 static IPs that need to be 'forwarded' to the appropriate
> machines. These machines should be using their associated Public IP
> when browsing the net (the 1:1 right now is working awesome to do
> this).
>
> Thanks!
> Brett Woollum
>
>
>> -------- Original Message --------
>> Subject: RE: [m0n0wall] 1:1 NAT works ok, but there's a catch?
>> From: "James W. McKeand" <james at mckeand dot biz>
>> Date: Sat, November 19, 2005 4:20 am
>> To: <m0n0wall at lists dot m0n0 dot ch>
>>
>> Interface would be WAN
>> Source IP would be any.
>> Source port would be any.
>> Destination IP would be Internal IP of server in question.
>> Destination port would be <insert service port here> i.e. 80.
>>
>> _________________________________
>> James W. McKeand
>>
>>
>>
>> -----Original Message-----
>> From: brett at woollum dot com [mailto:brett at woollum dot com]
>> Sent: Friday, 18 November 2005 6:15 PM
>> To: James W. McKeand
>> Subject: RE: [m0n0wall] 1:1 NAT works ok, but there's a catch?
>>
>> Ok, So I will enter a firewall rule for port 80, with a source port of
>> any, and the destination private IP of 192.168.1.3. What should the
>> source IP be? Or should it? Thanks!
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
>
> -- 
> No virus found in this incoming message.
> Checked by AVG Anti-Virus.
> Version: 7.1.362 / Virus Database: 267.13.3/174 - Release Date: 11/17/2005
>
> 



-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.1.362 / Virus Database: 267.13.3/174 - Release Date: 11/17/2005