Netgate Discussion Forum

    Port forward (and Multiwan)

    2.0-RC Snapshot Feedback and Problems - RETIRED
      Twistor

      So I have 2 WANs, one static, one dynamic, where dynamic is the default.
      The static WAN is used for DMZ only, which works just fine.

      I've managed to create a port forward from WAN2 port 22 to a DMZ host on port 22 which works great, but it's not the port I need.

      I need 53 and 25 forwarded but I just can't get it to work.
      If I forward 25, tcpdump on the DMZ host says this:
      10:02:14.680412 IP externalhost .16603 > localhost.localdomain.smtp: S 3068046129:3068046129(0) win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK>
      10:02:14.680444 IP localhost.localdomain > externalhost: ICMP host localhost.localdomain unreachable - admin prohibited, length 60

      If I forward 53, tcpdump on the DMZ host turns up nothing, but when I put Wireshark next to the WAN2 I get this:
      46423 71.781856 externalhost WAN2 Static      DNS Standard query A weha.be.immosafe.local
      46425 71.782461 WAN2 Static externalhost ICMP Destination unreachable (Host administratively prohibited)

      Sidenote: I can't access these ports from the local LAN as well, but I can ping the DMZ host (same error occurs in tcpdump).

      WAN2 rules:

      DMZ rule:

      Port Forward:

      NAT Outbound:
