Endian Destination NAT
Posted
by
Ben Swinburne
on Server Fault
See other posts from Server Fault
or by Ben Swinburne
Published on 2011-11-23T19:16:05Z
Indexed on
2011/11/27
1:52 UTC
Read the original article
Hit count: 601
I have installed Endian Community Firewall 2.3 and am clearly misunderstanding/doing something wrong with it. I'm trying to create some destination NAT rules to allow incoming connections to various services within the network.
- Router - RED I/F - x.x.x.x
- Router - GREEN I/F - 192.168.11.253
- ECF - RED I/F - 192.168.11.254/24
- ECF - GREEN I/F - 192.168.12.254/24
- Target server - 192.168.12.1
Please ignore the haphazard choice of subnets and addresses- I'm trying to quickly plop Endian into an existing network before a complete rework in 6-12 months so for now.
Everything works except destination NAT, so outgoing connections are fine, the routes between the two subnets are OK etc.
I want to create various incoming NATs but let's take for the sake of argument, SMTP port 25 from the Internet to Target server 192.168.12.1.
I've tried almost every combination of options in the Destination NAT section to achieve this and clearly am doing something wrong. I suspect my confusion must be somewhere in the Access From
and/or Target
section.
The rest seems OK
Filter Policy = Allow
Service = SMTP
Protocol = TCP
Port = 25
Translate to type = IP
DNAT Policy = NAT
Insert IP = 192.168.12.1
Port Range = 25
Enabled = Checked
Position = First
I can't work out what I'm doing wrong, or am I doing it right and it's just not working!?
Any help would be greatly appreciated.
© Server Fault or respective owner