Baseline:
ASL 3.380, 3 interfaces. eth0 - Clean, eth1 - DMZ, eth2 - dirty interface.
DNAT/SNAT rules set up for inbound FTP and HTTP from ETH2 to DMZ.
Rulebase set to all:all:all:allow
STILL cannot get to the webserver on the DMZ
NAT Rules are as follows:
code:
Inbound FTP Any -> External_Interface__ / FTP None DMZ Webserver / FTP
Inbound Web Services All -> External_Interface__ / HTTP None DMZ Webserver / HTTP
Trusted Outbound Internal_Network__ -> All / All MASQ__External None

Webserver works fine, is listening to other hosts on the network, just not receiving the traffic from the ASL system. It is weird as hell. Traffic logs for the HTTPD server show no connections, and the host syslog shows no dropped packets.
When I use the network tools, specifically TCP connect, I get the following error:
code:
192.168.100.00: inverse host lookup failed: Unknown host
(UNKNOWN) [192.168.100.0] 21 (ftp) : Network is unreachable
sent 0, rcvd 0

Could it be a routing table issue?
My routing table is as follows:
code:
192.168.100.0/24 dev eth1 scope link
172.16.2.0/24 dev eth0 scope link
XX.XX.XX.0/24 dev eth2 scope link
127.0.0.0/8 dev lo scope link
default via XX.XX.XX.1 dev eth2

Suggestions? I am confused as h@77 on this one...
Bob
[ 30 December 2002, 10:00: Message edited by: Orcusomega ]