hallo,
ich habe ein problm und find einfach die lösung nicht. vielleicht liegt es an mir??? hab das ganze nicht gelernt sondern versuch mir das ganze selbst beizubringen...!
aber vielleicht kann mir ja hier jemand sagen ob und wie ich es richtig machen muss.
folgende einstellungen:
modem -> an WAN Zywall UTM 35 (ROUTER) -> LAN an EXT eth0 Astaro
Zywall= 192.168.0.1
eth0=extern ->192.168.0.200 -> default GW 192.168.0.1
eth1= internal -> 192.168.0.130 -> dieser als gateway auf clients
eth2 = dmz (versuch) -> 10.0.0.3
desweiteren ist eine ssl-10 im netzwerk mit der ip 10.0.0.4 direkt an der dmz hängt!
die ssl10 braucht die ports 443 und 8443 , wobei ich den 443 in der astaro vom user portal abgeändert hab.
SOWEIT geht es erstmal alles.
nun habe ich in der astaro ein dyndns eingerichtet mit "ip der lokalen schnittstelle" auf dmz. (da bin ich mir schonmal nicht so sicher)
dann habe ich zwei nat regeln verfasst. leider klappt es per dyndns adresse zwar im lokalen netzwerk aber ich komme von aussen einfach nicht durch.im paketfilter kommt auch keine meldung die mir dazu was sagen könnte.
hier noch die nat regeln:
FULLNAT 1
* status switch (status) = 1
* group (group) = empty value
* traffic source (source) = any address object "Any"
* traffic service (service) = TCP and UDP service object "dienst ssl10"
* traffic destination (destination) = DNS host object "***.dyndns.org"
* destination address (destination_nat_address) = host object "ssl 10"
* destination service (destination_nat_service) = TCP and UDP service object "dienst ssl10"
* source address (source_nat_address) = interface address object "DMZ (Address)"
* source service (source_nat_service) = empty value
* log switch (log) = 1
* auto-packetfilter-rule switch (auto_pfrule) = 1
* comment (comment) = empty value
FULLNAT 2
* status switch (status) = 1
* group (group) = empty value
* traffic source (source) = any address object "Any"
* traffic service (service) = TCP service object "HTTPS"
* traffic destination (destination) = DNS host object "****.dyndns.org"
* destination address (destination_nat_address) = host object "ssl 10"
* destination service (destination_nat_service) = TCP service object "HTTPS"
* source address (source_nat_address) = interface address object "DMZ (Address)"
* source service (source_nat_service) = empty value
* log switch (log) = 1
* auto-packetfilter-rule switch (auto_pfrule) = 0
* comment (comment) = empty value
FULLNAT3
* status switch (status) = 1
* group (group) = empty value
* traffic source (source) = any address object "Any"
* traffic service (service) = TCP and UDP service object "dienst ssl10"
* traffic destination (destination) = interface address object "External (WAN) (Address)"
* destination address (destination_nat_address) = interface address object "DMZ (Address)"
* destination service (destination_nat_service) = empty value
* source address (source_nat_address) = empty value
* source service (source_nat_service) = empty value
* log switch (log) = 1
* auto-packetfilter-rule switch (auto_pfrule) = 1
* comment (comment) = empty value
FULLNAT4
* status switch (status) = 1
* group (group) = empty value
* traffic source (source) = any address object "Any"
* traffic service (service) = TCP service object "HTTPS"
* traffic destination (destination) = interface address object "External (WAN) (Address)"
* destination address (destination_nat_address) = interface address object "DMZ (Address)"
* destination service (destination_nat_service) = empty value
* source address (source_nat_address) = empty value
* source service (source_nat_service) = empty value
* log switch (log) = 1
* auto-packetfilter-rule switch (auto_pfrule) = 1
* comment (comment) = empty value
vielleicht kann mir jemand helfen. und schonend beibringen was ich da fürn murks gemacht hab.
This thread was automatically locked due to age.
