This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Access inside server on outside adress from the lan

With a dnat and and automatic firewall rule I published active sync on a sbs2003 server. Mail synchronisation from the wan works perfectly but when the smartphones/tablets are connected to the lan it doesn't work anymore.

The request goes from the inside lan to the outside wan and then again to the inside, can it be that the UTM think this is spoofing?

This thread was automatically locked due to age.

0 Ol Deda over 12 years ago

DNAT primary objective is to translate from outside to inside
This can be resolved adding the sbs2003 in Request Routing under DNS Service, if you point the devices to your LAN by domain name and not by External WAN Address
Cancel
Vote Up 0 Vote Down

Cancel
0 BarryG over 12 years ago

Hi,
If the sbs server is not in a DMZ, then I believe you'd need a FULL NAT for the LAN.

There's an article about this in the knowledge base:
Accessing Internal or DMZ Webserver from Internal network (Astaro Security Gateway)

If you have a DMZ and don't use the http proxy, then your DNAT should be all that's needed.

EDIT: I didn't see Olsi's post when I was writing this... Internal DNS is another good solution, and is preferable to NATs.

Barry
Cancel
Vote Up 0 Vote Down

Cancel
0 fooc over 12 years ago

Thanx for the tips people. Your answers made me think about it and I came up with an better solution for my case.

The internal devices use de dns of the sbs2003 server, I added host a records to the dns with the external dns names pointing to the internal server ip and it works now.

Thanx for your answers
Cancel
Vote Up 0 Vote Down

Cancel