quote:
Originally posted by FeTtKloSSeN:
Hi!
I don't really get the NAT-funtions in 3.040
some of you read my previous post about me not liking the "bug" making it impossible to select a service group.
I'd be quite happy if that was my only problem, unfortunately it is not. I can't even get DNAT to work at all.
in 2.* I got it all working... now something is messed up?
I see you've integrated the DNAT/SNAT and Masquearding into one page, which isn't bad att all. Well, except the fact that I'm to dumb to understand it.
I got it to Masquerade my internal network but DNAT doesn't work.
What options should I set for ordinary DNAT?
example from port asl_external:6003 to 192.168.1.2:6003
Regards,
Kristian
1. Setup Network definition for the server at 192.168.1.2 say "6003_srv":
6003_srv 192.168.1.2 255.255.255.255
2. Setup a Network definition for the IP of the external NIC: e.g. if the external NIC's IP ends with .218
NIC_218 xx.xx.xx.218 255.255.255.255
3. Setup a definition for Service on port 6003
say:
6003_Port tcp 1024:65535 6003
Then setup DNAT rules for each protocol you want
to send to the server internally:
e.g.
Name: 6003_In
Source Address: Any
Dest Addres: NIC_218
Service: 6003_Port
Change Src To: None
Change Dest To: 6003_Srv
Should look like this in the end:
6003_In Any -> NIC_218/6003_Port None 6003_Srv
Oh then a packet filter rule to allow From Any to 6003_Srv on 6003_Port
Hope this helps
