DNAT
DNAT/SNAT Any->External (address)->HTTP No change to source. Change destination to Service destination - No Change
I have the following packet filter rules set up:
- Internal Network->Any->Internal (network)->Allow
- DMZ->Any->Internal (Network)->Drop
- Internal (Network)->DNS->Any->Allow
- Internal (Network)->Any->Any->Allow
- Any->HTTP->External (Address)->Allow
- Any->RTP->Vonage_WAN->Allow
That's as per the various white papers and docs that I could find, and the various posts in the forums. Yet, port 80 still shows as blocked if I do a port scan from outside. I said, "OK, maybe Verizon is blocking port 80". So I did the same exercise with some other random port, like 82. No dice. Same problem.
The web server is not on the DMZ. It will be, but for the moment it's just on the internal network. I must mention that I am not a network engineer. I'm a software engineer mom who works from home. I've started doing some web app development for work, so I need to expose not just one web server, but 2. I know they'll need to go on different ports 80 and 8080? I don't know what else to try. I also tried runnig IIMS on a different machine on the network to make sure it wasn't some strange security setting on the machine I was using, but that didn't help.
STATS:
Astaro v6.303
Web server is Windows XP
Verizon FiOS internet connection. I am NOT using their router because the firewall sux. [:)]
I'm not sure what else you need to know. Thanks for the help. This sleep deprived mom is too pooped to ponder this one on her own anymore.
Thanks much,
Julie
This thread was automatically locked due to age.
