Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 2 subscribers
  • Views 883 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DNAT/FullNat issue

DonnieHarb
Hi,

My company runs the Astaro Security Gateway v8 and i am new to it. I have been asked to setup NAT so that people internally and externally can access a new website that we are hosting. I noticed that another set of rules was setup so that people could access our CRM system both internally and externally and so i thought that I could just clone those two rules and change the destination IP address to make this work but so far it is does not.

This is what was originally setup:
Rule 1 - Full NAT

Group: >
Position: 3
Traffic Source: Internal (Network)
Traffic Service: HTTP
Traffic Destination: External WAN
NAT Mode: Full NAT
Destination: CRM >
Destination Service:
Source: Internal (Address)
Source Service:
Automatic Firewall Rule: Ticked

Rule 2 - DNAT
Group: >
Position: 4
Traffic Source: Any
Traffic Service: HTTP
Traffic Destination: External WAN
NAT Mode: DNAT (Destination)
Destination: CRM >
Destination Service: HTTP
Automatic Firewall Rule: Ticked

So i used these 2 rules and cloned them to setup the new rules for the additional websites on the different servers and ended up with this:
Rule 1 - Full NAT

Group: >
Position: 5
Traffic Source: Internal (Network)
Traffic Service: HTTP
Traffic Destination: External WAN
NAT Mode: Full NAT
Destination: Beta>
Destination Service:
Source: Internal (Address)
Source Service:
Automatic Firewall Rule: Ticked

Rule 2 - DNAT
Group: >
Position: 6
Traffic Source: Any
Traffic Service: HTTP
Traffic Destination: External WAN
NAT Mode: DNAT (Destination)
Destination: Beta>
Destination Service: HTTP
Automatic Firewall Rule: Ticked

Unfortunately it doesn't seem to work. When I go the address of the new service it takes me off to the CRM service even though they run off different IP's. Also, i moved the new rules to sit above the old rules and still the same issue. 

I thought that it might be the conflicting Full NAT rules so i deleted the newly created one kept the original one and the CRM service stopped working and the new one still wouldn't work.

As I said i haven't worked with the Astaro system before and these are things that I have inherited so any help would be much appreciated.

Thanks in Advance
Don


This thread was automatically locked due to age.
Parents Reply Children
No Data