[WORKAROUND] XG18 - Loopback NAT not working

I believe there are several threads on this without a solution. Chiming in here:

I have a server in a DMZ VLAN exposing HTTPS over DNAT, including loopback and reflexive NAT rules. The XG18 firewall has an xxx.myfirewall.co dynamic DNS registration. Accessing this HTTPS service on this hostname from WAN to the DMZ works fine.

However, accessing the HTTPS service on this hostname from another VLAN to the DMZ does not work. In the log, you can see the loopback NAT rule triggering, but the traffic being blocked by a final "drop all" rule. A higher-priority rule allowing HTTPS traffic from this VLAN to the DMZ is not triggered.

The workaround is creating a manual DNS entry for xxx.myfirewall.co to the DMZ internal IP address, of course having LAN clients use the XG18 DNS server as resolver.

This was functional on MR1 but no longer after upgrading to MR3. The old trick of "opening NAT rule, saving again" does not work.



This thread was automatically locked due to age.
  • The auto-generated loopback rule doesn't work on MR-3. I have created my loopback rule to achieve it.

    • My NAS is sitting in LAN zone and DMZ is a VLAN. Port 2 is WAN.

    Here is the firewall rule. Make sure Source Network includes your LAN and DMZ networks.
