Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 2 subscribers
  • Views 533 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[8.102 BUG] System allows defective DNAT config

BarryG
Hi, after setting up a second EXT connection and Multipath Rules on a friend's firewall, I added a DNAT for the second EXT interface.

I apparently forgot to fill in the "Destination" fields, and saved the rule and turned it on.
It did not warn me that this was an invalid configuration.

Afterwards, all internet access was broken.

Inbound pings worked, but outbound pings and traceroutes from LAN or from the firewall itself all only went out the EXT and returned immediately (they appeared to be working but were only going the first hop).

DNS and all other traffic failed.

Please fix the DNAT dialog so that a misconfiguration with no DEST will generate a warning.

Thank you,
Barry


This thread was automatically locked due to age.
Parents
  • 0
    I am unable to duplicate that on an 8.102 system.  I don't suppose you could provide a screenshot?  When I try, I get an error message, "NAT Rule misses a parameter"

    Also, how is multipath configured?  Maybe that is part if the issue.
Reply
  • 0
    I am unable to duplicate that on an 8.102 system.  I don't suppose you could provide a screenshot?  When I try, I get an error message, "NAT Rule misses a parameter"

    Also, how is multipath configured?  Maybe that is part if the issue.
Children
No Data