Hi Manuel, thanks for your answer :)
>>I'm trying to acces 2 ssh servers on my LAN, let's say S1 and S2,
>>like this :
>>WAN port 22 <------------>M0n0wall<--------------->LAN S1 port 22
>>WAN port 2222 <------------>M0n0wall<--------------->LAN S2 port 22
>>I've added a NAT from WAN:22 to S1:22 on LAN
>>I did the same for S2 except that I've put 2222 on the external
>>I have one rule that permit port WAN:22 to access S1 and another
>>one that permit WAN:22 to access S2 also.
>Hint: don't create the filter rules by hand, use the auto-add option
>when you add a new NAT rule. Filter rules are processed after NATing
>for incoming packets, and the SSH client is free to choose any value
>for the source port. You just need two rules to permit traffic -
>[interface WAN, source any, destination S1 port 22] and [interface
>WAN, source any, destination S2 port 22].
That's what I did actually.
And that the reason why I'm so surprised it doesn't work...
Here is a copy of the related rules and NAT I have :
Proto Source Port Destination Port Description
TCP * * S1 22 (SSH) SSH NAT
TCP * * S2 22 (SSH) NAT
Proto Ext. port range NAT IP
(ext. IP) Int. port range Description
TCP 22 (SSH) S1 22 (SSH)
TCP 2222 S2 22 (SSH)
It seems ok to me... but I can't connect to S2 via WAN:2222....
Last News :
I just changed port 2222 to port 23 and... it now works ! Why ?
Then I tried to map port 81 to port 80 of S2, auto-adding the rule. Guess what ? It doesn't work...
The I tried to map port 23 to port 80 on S2 and ... it works !
So it seems that on my configuration, the only external port that can be 'mapped' (I mean, which can
be different of) to an internal port is port 23...
any idea on why ?
olivier at naya dash tec dot com (Olivier Nibart)
gsm: +32 472 514 103