Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 2 subscribers
  • Views 3630 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Default Drop

sfischer
Hi,

Config:
Int Network 10.8.85.0/24
FTP Client Adr 10.8.85.15
Int Astaro Interface Adr: 10.8.85.1

DMZ Network 10.8.100.0/24
FTP Server Adr 10.8.100.5
DMZ Astaro Interface Adr: 10.8.100.1

Packetfilter:
for FTP Server Allow Any Service to Any Network 

Connection from FTP Client to FTP Server:
packetFilterLiveLog:

I get a lot of Droped Packets:
Default Drop 10.8.100.5:21 -> 10.8.100.1:***x

Why?


This thread was automatically locked due to age.
Parents
  • 0
    I guess the packets are dropped because there's no route back to the 'Internal (Network)'.  The KnowledgeBase lists several different approaches when you search on DMZ.

    Does that solve the problem?

    Cheers - Bob
  • 0 in reply to BAlfson
    Hi,
    I have set a snat rule, but still the same problem with droped packets,

    SNAT rule:
    Source Adress: Internal-Network
    Destination Adress: Pulic-Interface(Adress)
    Service: FTPServices (FTP 20:21; FTPES Ports)
    Change-Source: Public-Interface(Adress)
    Change-Destination: FTP_SERVER_DMZ_IPADR

    Auto Packetfilter rule: ON
Reply
  • 0 in reply to BAlfson
    Hi,
    I have set a snat rule, but still the same problem with droped packets,

    SNAT rule:
    Source Adress: Internal-Network
    Destination Adress: Pulic-Interface(Adress)
    Service: FTPServices (FTP 20:21; FTPES Ports)
    Change-Source: Public-Interface(Adress)
    Change-Destination: FTP_SERVER_DMZ_IPADR

    Auto Packetfilter rule: ON
Children
No Data