Hi,
I wanted some extra security for a backup server.
So i setup an Astaro Security Gateway as follow:
I have a public ip range 1.2.3.4/26
So i added the ip 1.2.3.10 as an aditional ip
(Interfaces & Routing > Interfaces > Additional Addresses)
I created a DNAT and SNAT rule.
The lan ip of the backup server is: 192.168.0.10
I can log in into the backup server (http, SSH, FT) from home.
However, i can not log in into the backup server from any machine that is
on the public ip range 1.2.3.4/26
If i ping the backup server from home i see this:
PING bu.***.com (1.2.3.10): 56 data bytes
64 bytes from 1.2.3.10: icmp_seq=0 ttl=55 time=15.643 ms
64 bytes from 1.2.3.10: icmp_seq=1 ttl=55 time=13.860 ms
64 bytes from 1.2.3.10: icmp_seq=2 ttl=55 time=15.604 ms
64 bytes from 1.2.3.10: icmp_seq=3 ttl=55 time=15.581 ms
So that is ok.
If i do a ping from on of the machines that is using an ip in the range 1.2.3.4/26 i see this:
PING bu.***.com (1.2.3.10): 56(84) bytes of data.
64 bytes from 192.168.0.10: icmp_seq=1 ttl=64 time=1.32 ms
64 bytes from 192.168.0.10: icmp_seq=2 ttl=64 time=0.212 ms
64 bytes from 192.168.0.10: icmp_seq=3 ttl=64 time=0.207 ms
64 bytes from 192.168.0.10: icmp_seq=4 ttl=64 time=0.242 ms
64 bytes from 192.168.0.10: icmp_seq=5 ttl=64 time=0.169 ms
So i think the reason that i can not connect to the backup server is that the lan ip (192.168.0.10) is shown here.
If you connect with SSH the machine is connecting to bu.***.com (1.2.3.10) and get a reply from 192.168.0.10.
Any help would be appreciated.
Thanks in advance,
Dylan
This thread was automatically locked due to age.
