This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DNAT AND DMZ

I want to access WEB servers in a DMZ

ASL 2.017 is with 3 nics

External is 217.112.235.x 255.255.255.248

Internal is 192.168.2.x 255.255.255.0

DMZ is 10.254.254.x 255.255.255.0

I’ve two public IPs 217.112.235.y and 217.112.235.z that i want to DNAT in DMZ with two private IPs 10.254.254.y and 10.254.254.z

I’ve enabled masquerading Internal LAN to External, and also HTTP Proxy.

Accessing internet from Internal LAN works fine

I’ve created a DNAT rule for 217.112.235.y port 80 to 10.254.254.y port 80 and a filter rule to allow Any Any 10.254.254.y

I’ve also created an IP alias on external interface of ASL with 217.112.235.y

When enabling ICMP on firewall i can ping from the outside (with a independant internet access) the public address of my web server but i can’t get the home page

Please who can help

This thread was automatically locked due to age.

0 mogul over 23 years ago

Look at http://docs.astaro.org/docs/NAT_Masq.txt
question 8.

this is how i did my webserver..

Dan
Cancel
Vote Up 0 Vote Down

Cancel