Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 2 subscribers
  • Views 737 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DNAT https question

netorange
Hi all, i've a problem with DNAT of https from a secondary wan IP address versus internal web server:

here is my configuration:
Interfaces:
External (WAN) on eth1 [***.yyy.zzz.234/29] MTU 1500 · DEFAULT GW ***.yyy.zzz.233
Internal on eth0 [192.168.103.254/24]

Definitions network:
host webmail-EXT ***.yyy.zzz.235 Bound to External (WAN)
host webmail-INT 192.168.103.1 Bound to Internal

Network security NAT:
DNAT [Webmail]
Traffic selector: Any → HTTPS → webmail-EXT
Destination translation: webmail-INT HTTPS
Automatic packet filter rule: yes
Initial packets are logged: yes

but it doesn't work
If I change DNAT on external WAN first IP ***.yyy.zzz.234 it work correctly but I cannot use ssl vpn; this is the reason beacause i'd like to use second IP address ***.yyy.zzz.235

what is wrong?
ciao
Paolo


This thread was automatically locked due to age.
Parents
  • 0
    You need add the .235 as an additional address on the external interface. Once you do that you can use the interface definition(this will be created when you add the additional addres) in you dnat rule and it should work.
Reply
  • 0
    You need add the .235 as an additional address on the external interface. Once you do that you can use the interface definition(this will be created when you add the additional addres) in you dnat rule and it should work.
Children