Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 2 subscribers
  • Views 224 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

OWA thru Generic Proxy on v6?

fireice
[:O] 

ello!

i have the following setup on v6 to get owa to work on my home license:
definitions: services
owa-http = 80 sourceport, 
80 destination port

definitions: networks
server = 192.168.x.x.

network: nat/masq
rule type dnat / snat
packets to match 
source= any
destination addie = internet address
service = owa-http
change source (no)
change destination (no)
service destination (server)

then on packet filter rules:
source=any
service=http-owa
action = allow
destination = server

translated into english i think what i am saying is, anything that rocks up on the outside leg's address, on port 80, should kindly be forwarded to the server inside.  please.  thanks.

however,
it's not working too well.

i have dyndns running to get traffic to the outside leg's IP.

when i go to dyndns it reports the correct IP.

i get the same error even if i surf to http://the-IP-of-the-outside-leg/exchange.

can't i just set up a generic proxy on v6 that will pretty much publish that specific server's interface on the web?  and we skip all the rules which i thought i had done correctly?

tks.!!

fireice.


This thread was automatically locked due to age.
  • 0

    definitions: services
    owa-http = 80 sourceport, 
    80 destination port

    definitions: networks
    server = 192.168.x.x.

    network: nat/masq
    rule type dnat / snat
    packets to match 
    source= any
    destination addie = internet address
    service = owa-http
    change source (no)
    change destination (no)
    service destination (server)


    Service destination should not be changed, the destination should.  (Or is this a mistype?)


    however,
    it's not working too well.


    What's happening? Nothing?  Have you checked the packet filter live log to see what is being dropped?


    i have dyndns running to get traffic to the outside leg's IP.
    when i go to dyndns it reports the correct IP.
    i get the same error even if i surf to http://the-IP-of-the-outside-leg/exchange.


    Have you tested this from outside your network?  It won't work from the LAN side.


    can't i just set up a generic proxy on v6 that will pretty much publish that specific server's interface on the web?  and we skip all the rules which i thought i had done correctly?


    Have not tested the generic proxy for this but possibly...

    It should work as you have done it.  Many people are doing it this way.