Firewalling help needed



  • I'm having a problem setting up my rules. I have a basic setup with WAN, LAN, DMZ. My WAN connection is PPPoE and I'm doing a 1:1 NAT for a public static to my web/email server in the DMZ. When I try to connect to my website and my email server from the Internet I just get blocked, but I can ping the IP address I NATed. What am I doing wrong??

    Here is what my rules look like so far….

    Proto    Source       Port         Destination  Port         Gateway

    WAN

    ICMP     *            *            ! LAN net    *            *
    TCP/UDP  *            80 (HTTP)    DMZ net      80 (HTTP)    *
    TCP/UDP  *            443 (HTTPS)  DMZ net      443 (HTTPS)  *
    TCP/UDP  *            21 (FTP)     DMZ net      21 (FTP)     *
    TCP/UDP  *            110 (POP3)   DMZ net      110 (POP3)   *

    LAN/DMZ

    *        LAN/DMZ net  *            *            *            *



  • Did you set up a virtual IP for this, or is this your main IP that you added the 1:1 NAT for?



  • @jspencer241:

    Proto    Source  Port       Destination  Port       Gateway

    WAN
    TCP/UDP  *       80 (HTTP)  DMZ net      80 (HTTP)  *

    Should be

    Proto    Source  Port       Destination  Port       Gateway

    WAN
    TCP/UDP  *       *          DMZ net      80 (HTTP)  *


    You don't want to specify source port as this will be some random number.
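
The mismatch sai points out, as an added example that is not part of the thread: a small Python check that parses rows laid out like the ones quoted above and evaluates them against a client connection. The helper names, the client source port 51514 and the default-deny behaviour are assumptions made for illustration.

```python
import re
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    proto: str
    src_port: Optional[int]   # None means "*" (any)
    dst: str
    dst_port: Optional[int]

def parse_port(cell):
    """'80 (HTTP)' -> 80, '*' -> None."""
    return None if cell == "*" else int(cell.split()[0])

def parse_rules(text):
    """Parse rows laid out as in the thread: Proto Source Port Destination Port Gateway."""
    rules = []
    for line in text.strip().splitlines():
        proto, _src, sport, dst, dport, _gw = re.split(r"\s{2,}", line.strip())
        rules.append(Rule(proto, parse_port(sport), dst, parse_port(dport)))
    return rules

def allows(rule, proto, src_port, dst_port):
    """True if a pass rule matches the first packet of a connection."""
    return (proto in rule.proto.split("/")
            and rule.src_port in (None, src_port)
            and rule.dst_port in (None, dst_port))

def evaluate(rules, proto, src_port, dst_port):
    """Pass if any rule matches; unmatched traffic is blocked (default deny assumed)."""
    return "pass" if any(allows(r, proto, src_port, dst_port) for r in rules) else "block"

def lint(rules):
    """Return the rules that pin a source port, which client traffic will not match."""
    return [r for r in rules if r.src_port is not None]

# Constructed inputs, copied from rule rows quoted in the thread.
ORIGINAL = """
TCP/UDP  *  80 (HTTP)  DMZ net  80 (HTTP)  *
TCP/UDP  *  443 (HTTPS)  DMZ net  443 (HTTPS)  *
"""
CORRECTED = "TCP/UDP  *  *  DMZ net  80 (HTTP)  *"

if __name__ == "__main__":
    # Constructed client connection: source port 51514 to the web server on port 80.
    for name, text in (("original", ORIGINAL), ("corrected", CORRECTED)):
        rules = parse_rules(text)
        print(name, evaluate(rules, "TCP", 51514, 80), "flagged:", len(lint(rules)))
```

The ICMP row in the original rule set has no port fields to mismatch, which is consistent with ping succeeding while HTTP was blocked.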



  • Oh, good catch sai!  ;D



  • hoba,
    It's the main IP I did the 1:1 NAT for.

    sai,
    thx, that worked!

    Thanks for the help, guys!

