Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 5344 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Zugriff von Intern auf öffentliche IP Adresse nicht möglich

AndreasTunnat

Hallo zusammen,

ich habe den ssl-port 443 per DNAT Regel auf einen Server hinter meiner Sophos Firewall weitergeleitet. Von Extern funktioniert alles perfekt. Aus bestimmten Gründen müsste ich auch von Intern über die öffentliche IP (statisch) auf den Server zugreifen. Dies ist aber leider nicht möglich. 

Ein Ping von Intern auf die öffentliche IP ist möglich. Auch die Namensauflösung funktioniert.

Kann mir jemand helfen?



This thread was automatically locked due to age.
Parents
  • 0
    Thank you,

    i created a fullNAT rule and it works like a charm ;-)

    Für alle die vor der selben Frage stehen:

    Browse to Network Protection | NAT | NAT.
    Click New NAT rule...
    Under Position, change the number such that it is the same as your existing DNAT rule.
    This will cause the new rule to be immediately above the existing rule.
    If the Full-NAT rule is below the DNAT rule, the DNAT rule will apply instead, and the Full-NAT rule will not work.
    Change Rule Type to Full NAT (Source + Destination).
    Under For traffic from, choose your affected internal network.
    For example: Internal (LAN) (Network)
    Under Use service, choose the appropriate service or group of services (eg. HTTP, HTTPS, etc).
    Under Going to, choose the external address of the server to be forwarded.
    For example: External (WAN) (Address)
    Under Change the destination to, choose the internal address of the server.
    Under Change the source to, choose your UTM's internal address object for the appropriate internal network.
    For example: Internal (LAN) (Address)
    Ensure Automatic Firewall rule is checked. Otherwise, ensure you create the appropriate firewall objects.
    Click Save.
    Activate the new Full-NAT object.
Reply
  • 0
    Thank you,

    i created a fullNAT rule and it works like a charm ;-)

    Für alle die vor der selben Frage stehen:

    Browse to Network Protection | NAT | NAT.
    Click New NAT rule...
    Under Position, change the number such that it is the same as your existing DNAT rule.
    This will cause the new rule to be immediately above the existing rule.
    If the Full-NAT rule is below the DNAT rule, the DNAT rule will apply instead, and the Full-NAT rule will not work.
    Change Rule Type to Full NAT (Source + Destination).
    Under For traffic from, choose your affected internal network.
    For example: Internal (LAN) (Network)
    Under Use service, choose the appropriate service or group of services (eg. HTTP, HTTPS, etc).
    Under Going to, choose the external address of the server to be forwarded.
    For example: External (WAN) (Address)
    Under Change the destination to, choose the internal address of the server.
    Under Change the source to, choose your UTM's internal address object for the appropriate internal network.
    For example: Internal (LAN) (Address)
    Ensure Automatic Firewall rule is checked. Otherwise, ensure you create the appropriate firewall objects.
    Click Save.
    Activate the new Full-NAT object.
Children
No Data
Cookie Information Banner