I have a Security Gateway with 7.101 software
I set up a wan public address x.x.x.206 wit ARPPROXY enabled and x.x.x.205 as an additional address.
I set up a DMZ with y.y.y.254 on Astaro and a Linux server on y.y.y.1
I have a DNAT Any -> Any -> x.x.x.205 natted to y.y.y.1, no automatic rule
I also have a SNAT y.y.y.1 -> Any -> Any natted to x.x.x.1 no automatic rule (but enabling or disabling this rule does note change the situation)
I created two "incoming" rules to access the server on port 22 and 80 and they work perfectly. In fact I can access the server on DMZ from a remote office.
I set up a rule y.y.y.1 -> Any on HTTP service to allow the server on DMZ to access external websites. This rule has logging enabled.
If I try to access any webserver from the DMZ server, I got a "positive" (green) log entry from y.y.y.1 to the destination website on port 80, but the packets never reach the destination host (I used tcpdump on destination host to detect incoming traffic).
I am missing a key setting, but after a couple of days of RTFM I am really out of ideas.
Any suggestion?
Thank you in advance.
Ciao,
luigi
This thread was automatically locked due to age.
