
NAT always blocked

Hi everyone, I need help!

I want all traffic from "EXTERNAL" to "PUBLIC_IP2_OFFICE1" to be forwarded to "PUBBLIC_IP2_OFFICE2".

This "PUBBLIC_IP2_OFFICE2" is an additional IP address of a branch office connected to OFFICE1 via an IPsec VPN.

The forwarded traffic must not go over the VPN.

OFFICE1 - PUBBLIC_IP1  PUBBLIC_IP1 - OFFICE2
               PUBBLIC_IP2                                     PUBBLIC_IP2
               PUBBLIC_IP3                                     PUBBLIC_IP3

So I created a DNAT and packet filter rule:

DNAT:
ANY to PUBLIC_IP2_OFFICE1 forward to PUBBLIC_IP2_OFFICE2

PACKET FILTER RULE:
allow ANY from EXTERNAL to PUBLIC_IP2_OFFICE1
allow ANY from PUBLIC_IP2_OFFICE1 to EXTERNAL

The traffic IN is ok.
NAT rule #51   UDP  IP_EXTERNAL_***  :  10003 → IP_PUBBLIC2_OFFICE1 :  10003


The traffic OUT, instead, is always BLOCKED.
Default DROP   UDP  IP_EXTERNAL_*** :  10003 → IP_PUBBLIC2_OFFICE2 :  10003

Thanks for any help!!!


  • Not sure what you want to achieve, but do I read it correctly that traffic from the internet arriving at Office 1 should be redirected over the internet to the public address of Office 2?

    In that case I would work with DNS-records which can easily be changed in case you ever want the destination to change.