This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DNAT for NAS

masmith22 over 9 years ago

I am not able to configure DNAT to allow access to a NAS for the internet. Any help would be greatly appreciated. Mario

This thread was automatically locked due to age.

0 Scott_Klassen over 9 years ago

In your host definition for the device, change the interface back to the default of Any. Binding to a specific interface is generally considered bad and will block traffic that you want to allow, due to the way the setting works.

Also, make certain that you are testing the DNAT from a host out on the internet and not from your LAN.

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel
0 masmith22 over 9 years ago in reply to Scott_Klassen

I made the recommend change, still no access.[:(]
Cancel
Vote Up 0 Vote Down

Cancel
0 MarkMurphy over 9 years ago in reply to masmith22

Make it look like this
- Capture.JPG
- View
- Hide
Cancel
Vote Up 0 Vote Down

Cancel
0 MarkMurphy over 9 years ago in reply to MarkMurphy

PS, If you select Automatic firewall rule you do not need to create the firewall rule and no you will not see it in the firewall rule section but the firewall will pass the trafic
Cancel
Vote Up 0 Vote Down

Cancel
0 masmith22 over 9 years ago

Thank you, I make the changes later today. What is the DSM HTTP service?
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 9 years ago

jzkkn5, I would use "Internet" instead of "Any" just for clarity as a DNAT doesn't work from devices on the LAN. Also, per #5 in Rulz, I would leave the 'And the service to:' field blank.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel
0 masmith22 over 9 years ago

I cannot get it to work. Thanks for your assistance. I am going back to Untangle.
Cancel
Vote Up 0 Vote Down

Cancel
0 Amodin over 9 years ago

Remove the "And the Service To" and leave it blank.

Or, enjoy Untangle.

XG 19.5 GA 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
16GB Memory | 500GB SSD HDD | GB Ethernet x5
Cancel
Vote Up 0 Vote Down

Cancel
0 masmith22 over 9 years ago

The DNAT rule is working. I started from scratch, wipe the box.
1 - Web Protection - Filtering Options - Added a Allowed target service
   - Called TCP 8000
2 - Network Protection - NAT - NAT - DNAT
   - Condition
      - Traffic from Any
      - Using Service TCP 8000
      - Going to Ext WAN
    - Action
       - Destination - created network definition NAS DVR- Host IP address 192.168.0.50
       - Service to - TCP 8000
    - Auto Firewall Rule
    - Enable Rule
Cancel
Vote Up 0 Vote Down

Cancel
0 masmith22 over 9 years ago

I was able to assistance friend with configuring DNAT rule.
Cancel
Vote Up 0 Vote Down

Cancel