This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DNAT / SNAT Problems

I got a Zyxel ADSL Router, that's configured as a Bridge.
I got three Network Interfaces (RED PPPoE, Green 172.23.40.1, and a DMZ 172.24.40.1).
But first I just setup the PPPoE and the green interface.
After that I configure the SNAT/DNAT Rules like this:

Out Internal_Network__ -> Any / Any Red_Interface__ None
In Any -> Red_Interface__ / Any None Internal_Network__

As soon I save the In rule the firewall doesn’t answer any Pings and I cant connect to the Web GUI.

Please Help me.

This thread was automatically locked due to age.

0 psychorugger over 21 years ago

Did you create a packet filter rule allowing your dmz network to allow the incoming ports?
Also, do you really want to allow any ports in your SNAT/DNAT and not just it's specific uses?
Also for out, it looks like you're trying to do the same as straight masquerading?
What do your routing policies look like?

psychorugger
Cancel
Vote Up 0 Vote Down

Cancel
0 psychorugger over 21 years ago

Also, something else I just noticed is that your DNAT is set to route all of your internal network. Try routing internal_interface to Red_interface. I make that same mistake when I start doing things really quick and don't think about it.

psychorugger
Cancel
Vote Up 0 Vote Down

Cancel
0 Xeno over 21 years ago

> Out Internal_Network__ -> Any / Any Red_Interface__ None

Try to use masquerading for doing this.

> In Any -> Red_Interface__ / Any None Internal_Network__

This does not work. This rule redirects a singel destination (Red_Interface) to a whole Network (Internal_Network). That doesn't work.
Try the following:
In Any -> Red_Interface__ / Any None A_SINGLE_IP___

Please also do not forget to set packetfilter-rule.
To allow ping, goto Packet Filter -> ICMP.

Please do not post twice.

Xeno
Cancel
Vote Up 0 Vote Down

Cancel