 
 From:  "Jim Berryman" <jrberryman at chartermi dot net>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Problem with Port redirects
 Date:  Mon, 26 Jan 2004 22:33:19 -0500
WAN = 24.247.106.26
LAN = 192.168.1.0 /24
DMZ = 192.168.2.0 /24 (not used at this time)
 
Outbound works fine.
My ISP blocks inbound traffic to well-known ports (21, 23, 80, 443, etc.).
I want to do inbound (WAN) port re-directs to a server @ 192.168.1.2 (see NAT below).
If I telnet from an outside client to 192.168.1.2:2223, it times out. Nothing appears in the logs.....
Where'd I screw up? (This works fine on OpenBSD & pf)
 
Thanks,
 
 

 

==========================================================================================
Firewall: NAT

Inbound
  Proto  Ext. port range  NAT IP (ext. IP)  Int. port range  Description
  TCP    2221             192.168.1.2       21 (FTP)         Allow FTP to AS/400
  TCP    2223             192.168.1.2       23 (Telnet)      Allow Telnet to AS/400
  TCP    2280             192.168.1.2       80 (HTTP)        Allow HTTP connection from WAN
  TCP    2443             192.168.1.2       443 (HTTPS)      Allow HTTPS connection to AS/400
 

 
 
==========================================================================================
 
Firewall: Rules

WAN interface  
  Proto    Source  Port  Destination  Port         Description
  TCP      *       *     192.168.1.2  23 (Telnet)  NAT Allow Telnet to AS/400
  TCP      *       *     192.168.1.2  80 (HTTP)    NAT Allow HTTP connection from WAN
  TCP      *       *     192.168.1.2  21 (FTP)     NAT Allow FTP to AS/400
  ICMP     *       *     *            *            Allow ICMP
  TCP      *       *     192.168.1.2  443 (HTTPS)  NAT Allow HTTPS connection to AS/400
  TCP/UDP  *       *     192.168.2.1  *            DMZ
  TCP/UDP  *       *     *            137 - 139
 

LAN interface  
  Proto    Source   Port  Destination  Port       Description
  *        LAN net  *     *            *          Default LAN -> any
  TCP/UDP  *        *     *            137 - 139