Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 11 replies
  • Subscribers 2 subscribers
  • Views 2969 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

port forwarding problem

schoetti
Dear all,
can anyone figure out my problem?
I am using a ASG220, Release 6.200.
I want to make internal servers visible for administration purpose from the internet.
the tool is called Remote Administrator. default port 4899, but can be changed.
There is a description at http://www.radmin.com/index.php?lang_ui=en (english).

I'd like to do a port forwarding on one official ipaddress:

official-ip:4899 ----> internal-server1:4899
official-ip:4900 ----> internal-server2:4899
official-ip:4901 ----> internal-server3:4899
.....and so on.

On the Astaro box i set up the network and service definitions.
Packet filter rules are:
src: any --> service: 4899 --> allow --> dst: internal-server1
src: any --> service: 4900 --> allow --> dst: internal-server2
src: any --> service: 4901 --> allow --> dst: internal-server3
.....

But this is only working for the same service pair.
for example:
official-ip:4901 ----> internal-server3:4901

The nat-rules are:

rule-type --> dnat/snat
source--> any
destination address --> official-ip
service --> 4899
change source to --> :no change
change destination to --> internal-server1
service --> 4899

rule-type --> dnat/snat
source--> any
destination address --> official-ip
service --> 4900
change source to --> :no change
change destination to --> internal-server2
service --> 4899

rule-type --> dnat/snat
source--> any
destination address --> official-ip
service --> 4901
change source to --> :no change
change destination to --> internal-server3
service --> 4899

Can anyone help me on this issue?
thanks in advance


This thread was automatically locked due to age.
Parents
  • 0
    Hi,
    not quit sure, what your problem is, maybe missing some content details:
     [ QUOTE ]
     But this is only working for the same service pair.
    for example:
    official-ip:4901 ----> internal-server3:4901 

    [/ QUOTE ] 
    What do you mean by same service pair ??

    Did you also set the necessary packet filter rules ?
    From: Any Service:4899 To:Internal-Server-1
    and so on ....
  • 0 in reply to KKnecht
    Hi.
    Just to make it more clear
    this works:

    official-ip:4899 ----> internal-server1:4899
    official-ip:4900 ----> internal-server2:4900
    official-ip:4901 ----> internal-server3:4901
    .....and so on.

    and this not (but it should):

    official-ip:4899 ----> internal-server1:4899
    official-ip:4900 ----> internal-server2:4899
    official-ip:4901 ----> internal-server3:4899
    .....and so on.

    Thanks,
    schoetti
  • 0 in reply to schoetti
    I think Definitions > Services will allow you to do what you want to do. 

    Farid
  • 0 in reply to fnacer
    Hi.
    In which way?
    I defined the services as 
    service1- TCP 1:65535 --> 4899
    service2- TCP 1:65535 --> 4900
    service3- TCP 1:65535 --> 4901
    etc.
    What am I doing wrong?

    Thanks
  • 0 in reply to schoetti
    It could also be that the application in use here does not like port translation, when implemented like that... I've had other apps that didn't in the past.
Reply Children
No Data