Hi, we are currently trying to switch our existing infrastructure to use Astaro network security. Much of the infrastructure is working, but there are a couple of areas we are still having trouble with.
The first is services, running on an internal server, which are published (using DNAT) to the outside world. These work fine when accessed from outside the firewall (using the appropriate external address), and fine when accessed directly using the internal server address.
The problem is with services (e.g CVS or TrendAV) that must always be accessed from the same path. Until now, we simply pointed internal clients at the external address of the server, and the old firewall would loop the requests back into our network so that the server saw these requests coming in from the outside.
I won't bore you listing all the ways I have tried so far that don't work, but no combination of packet filters / SNAT / DNAT that I've tried allows this to work properly. Can anyone point me to an article / explanation of how to get these packets through the packet filter to the server and back again?
Thanks in advance,
Paul
PS: I will ask about the other issues in separate posts to avoid future confusion.
This thread was automatically locked due to age.
