Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 2 subscribers
  • Views 5335 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Forwarding With Double NAT

tsull360
Hello,
I seem to have hit a wall getting my ISP (Kabel BW) allowing me to bridge my Fritz!Box 6360 to my Sophos 9.106-17 system. Primarily language barrier I think (I don't speak German very well).

My configuration is as follow:
ISP --> Fritz! (NAT Router) --> Sophos --> Clients

Detailed:
Fritz External (ISP Public IP)/Fritz Internal (192.168.178.1) --> Sophos External (192.168.178.200)/Sophos Internal (192.168.44.1) --> Client IP's (DHCP)

Rule Example:
DNAT
From: Any
Service: HTTP
To: External (WAN) (Address)
Change Destination to: 

With my old IPS I just had DNAT rules to publish resources, but this isn't working since the ISP swap. I'm sure it's because I'm subjecting the traffic to double NAT conditions, but I don't think I can avoid it.

Any pointers on how to get this working?

Thanks,
Tim


This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to BarryG
    Thanks for responding Barry. Firewall rule creation is checked. I've turned off IPS to reduce my potential problem set.

    I don't see any entries of even an attempt in the firewall logs. Looking at various forums, it looks like its because my ISP does something called DS-Lite-Tunnel, which is some type of IPv6 translation mechanism.

    I've got DNAT rules on my Fritz box going, in fact I made it an 'Exposed Host', which I liken to a DMZ system.

    Tim