
NAT always blocked

Hi everyone, I need help!

I want all traffic from "EXTERNAL" to "PUBLIC_IP2_OFFICE1" to be forwarded to "PUBLIC_IP2_OFFICE2".

This "PUBLIC_IP2_OFFICE2" is an additional IP address of a branch office connected to OFFICE1 via an IPsec VPN.

The forwarded traffic must not go over the VPN.

OFFICE1 - PUBLIC_IP1        PUBLIC_IP1 - OFFICE2
          PUBLIC_IP2        PUBLIC_IP2
          PUBLIC_IP3        PUBLIC_IP3

So I created a DNAT and packet filter rule:

DNAT:
ANY to PUBLIC_IP2_OFFICE1 forward to PUBLIC_IP2_OFFICE2

PACKET FILTER RULE:
allow ANY from EXTERNAL to PUBLIC_IP2_OFFICE1
allow ANY from PUBLIC_IP2_OFFICE1 to EXTERNAL

The traffic IN is ok.
NAT rule #51   UDP  IP_EXTERNAL_***  :  10003 → IP_PUBBLIC2_OFFICE1 :  10003


The traffic OUT, instead, is always BLOCKED.
Default DROP   UDP  IP_EXTERNAL_*** :  10003 → IP_PUBBLIC2_OFFICE2 :  10003

Thanks for any help!!!


This thread was automatically locked due to age.
  • Frank, I had difficulty following your explanation, but I see DNAT and VPN together, so I'll guess that you need to replace the DNAT with a Full NAT that replaces the original source with the IP of the UTM.  Any luck with that?

    Cheers - Bob