Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 3 subscribers
  • Views 4755 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

NAT DNAT Inconsistency

KentCalero

Hello Team,


I'm hoping someone can help me figure out why it seems that my DNAT rules behave inconsistently. When I say inconsistent, I mean they forward correctly sometimes while other times they don't. I don't think this is a upstream gateway/modem issue because dnat works consistently with my Mikrotik router. I don't think the issue is with the devices receiving the communication because these devices work 100% of the time when connected directly to the local network, I do however, see failure when using VPN.


I have 4 DNAT rules in place,

443,8080,23484,32400


443 and 8080 work great, no problems. Issues are with the higher ports, 23484 and 32400. I have not yet tried changing those ports to something lower but it's going to be my next test should no one else have any suggestions :(


I have tried disabling IPS and Country Block and adding firewall rules manually. I've tried both specifying a port transformation and not doing so,  no change in behavior. Elk and Plex are the failing services, below is a print screen of my dnat configuration



This thread was automatically locked due to age.
Parents
  • 0

    Kent, did you mean to show us a NAT rule?  That firewall rule doesn't give us much info.

    You also might want to consult #3 through #5 and #1 in Rulz.

    Cheers - Bob

  • 0 in reply to BAlfson

    Hi Bob, you're absolutely correct, looks like I forgot to upload some print screens. I've modified my original post and added a screenshot of one of the rules that is failing. I've been through the Rulz up and down, left and right, can't find anything responsible for the problem.

    I'm using Intel 82571EB NICs that I installed *after* the UTM Home software had already been installed and configured, I have half a mind to back up my config (remembering to set those virtual MACS) and reinstalling the OS. I'm also waiting for my NFR licensing to arrive on an SG-130 in the home lab, maybe the issue *is* hardware.

    I'm currently testing routing the problematic incoming traffic via a different IP address, trying to weed out any issues, but the fact remains it works great with Mikrotik and UBNT EdgeMax. I'm also doing some more testing with country blocking as I think one of the failures (plex) may be due to me having blocked Ireland. That being said, there's a slight possibility I may only be having this issue with 1 device. I'll report more as information becomes available.

  • 0 in reply to KentCalero

    Team, I'm still having this issue with 1 device. I can't figure it out, it just doesn't make sense. The firewall logging reports the connection goes through 100% of the time but the remote device shows successful connection only about 20% of the time. I'm out of ideas, hoping someone can help! If you need any print screens/logs, please let me know

Reply
  • 0 in reply to KentCalero

    Team, I'm still having this issue with 1 device. I can't figure it out, it just doesn't make sense. The firewall logging reports the connection goes through 100% of the time but the remote device shows successful connection only about 20% of the time. I'm out of ideas, hoping someone can help! If you need any print screens/logs, please let me know

Children