Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DynDNS in Fritz Box auf ASG V8 Verständnisfrage

Hey,

und zwar habe ich eine FRITZ!Box WLAN 3170.

In meinem Heimnetzwerk habe ich einen vmware Vsphere Hypervisor 5.0 Server (ESXi) wo auf einer VM ein Astaro Security Gateway V8 läuft (Home Use Lizenz).

Das Szenario ist so aufgebaut:



Astaro IP:    192.168.180.1   - 192.168.180.0 = HEIMDMZ
Fritz Box IP: 192.168.178.1   - 192.168.178.0 = HEIMNETZ


Hab auf einem Server 2008 - im HEIMDMZ - server08 - einen Counterstrike Server installiert, der eingehend / ausgehend über TCP / UDP Port 27015 erreichbar ist. 

Daraufhin hab ich in der Astaro unter Firewall eine Regel erstellt, dass server08 mit jedem Dienst ins Internet darf. Das funktioniert auch, denn wenn ich den CSS Server auf server08 starte, verbindet er sich zu den Valve Masterservern und zeigt mir auch die richtige öffentliche IP an.

So, wenn ich nun aber in Counterstrike diese Öffentliche IP bzw. Dyndns-Eintrag + Port eingebe und den Server suche, findet das Spiel diesen nicht.

Dydns ist in der Fritzbox aktiv. In der Astaro hab ich unter Netzwerkdienste auch meinen Dyndns Account eingerichtet.

Sie zeigt mir auch einen successful Status: 

-------

DynDNS status is: The last update was successful.

DynDNS modified: Sun Nov 13 19:36:34 2011

--------
 
Wie verhält sich das, über welchen Dyndns ist der Server  nun erreichbar?

Über den von der Fritz Box oder den von der Astaro?

Hab auch mal testweiße als Firewall Regel: Any -> Any -> Any  gewählt, der Server kontne jedoch immernoch nicht gefunden werden.


Danke schonmal

greeZ


This thread was automatically locked due to age.
Parents
  • Hi,

    Du wirst noch eine DNAT Regel schreiben müssen.
  • Hey,

    danke schonmal für deine Antwort...

    Hab mich mal in DNAT ein bisschen eingelesen und eine Regel erstellt.. Klappt aber immernoch nicht. 

    Hier mal nen Screenshot der DNAT Regel:




    ------------------------------

    Hier ein Screenshot von den Firewallregeln:




    ------------------------------




    Wie im Logfile zu sehen ist, kommt der Server auch ins Internet und nimmt mit den Steam Master Servern Kontakt auf. Er zeigt mir auch in der Serverkonsole die richtige öffentliche IP an.

    2011:11:14-19:14:38 astaro1 ulogd[5741]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3413" dstport="14013" tcpflags="SYN" 
    
    2011:11:14-19:14:41 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="5" initf="eth1" outitf="eth0" srcmac="0:c:29:ce:5b[:D]3" dstmac="0:c:29:fd:fc:0" srcip="192.168.180.100" dstip="146.66.152.12" proto="17" length="112" tos="0x00" prec="0x00" ttl="127" srcport="26901" dstport="27018" 
    2011:11:14-19:15:10 astaro1 ulogd[5741]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3417" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:15:13 astaro1 ulogd[5741]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3417" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:15:19 astaro1 ulogd[5741]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3417" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:15:35 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="5" initf="eth1" outitf="eth0" srcmac="0:c:29:ce:5b[:D]3" dstmac="0:c:29:fd:fc:0" srcip="192.168.180.100" dstip="146.66.152.12" proto="17" length="112" tos="0x00" prec="0x00" ttl="127" srcport="26901" dstport="27018" 
    2011:11:14-19:15:50 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3422" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:16:11 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3427" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:16:49 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="5" initf="eth1" outitf="eth0" srcmac="0:c:29:ce:5b[:D]3" dstmac="0:c:29:fd:fc:0" srcip="192.168.180.100" dstip="63.234.149.90" proto="17" length="273" tos="0x00" prec="0x00" ttl="127" srcport="27015" dstport="27011" 
    2011:11:14-19:16:49 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="5" initf="eth1" outitf="eth0" srcmac="0:c:29:ce:5b[:D]3" dstmac="0:c:29:fd:fc:0" srcip="192.168.180.100" dstip="63.234.149.83" proto="17" length="274" tos="0x00" prec="0x00" ttl="127" srcport="27015" dstport="27011" 
    2011:11:14-19:16:59 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3512" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:17:19 astaro1 ulogd[5741]: id="2014" severity="info" sys="SecureNet" sub="packetfilter" name="DNS request" action="DNS request" fwrule="60011" initf="eth1" srcmac="0:c:29:ce:5b[:D]3" dstmac="0:c:29:fd:fc:0" srcip="192.168.180.100" dstip="192.168.180.1" proto="17" length="62" tos="0x00" prec="0x00" ttl="128" srcport="56542" dstport="53" 
    2011:11:14-19:17:40 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3517" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:18:09 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3527" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:18:19 astaro1 ulogd[5741]: id="2014" severity="info" sys="SecureNet" sub="packetfilter" name="DNS request" action="DNS request" fwrule="60011" initf="eth1" srcmac="0:c:29:ce:5b[:D]3" dstmac="0:c:29:fd:fc:0" srcip="192.168.180.100" dstip="192.168.180.1" proto="17" length="62" tos="0x00" prec="0x00" ttl="128" srcport="64248" dstport="53" 
    2011:11:14-19:18:50 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3532" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:19:31 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3537" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:20:13 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3542" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:20:55 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3547" dstport="14013" tcpflags="SYN" 



    Danke schonmal


    greeZ
Reply
  • Hey,

    danke schonmal für deine Antwort...

    Hab mich mal in DNAT ein bisschen eingelesen und eine Regel erstellt.. Klappt aber immernoch nicht. 

    Hier mal nen Screenshot der DNAT Regel:




    ------------------------------

    Hier ein Screenshot von den Firewallregeln:




    ------------------------------




    Wie im Logfile zu sehen ist, kommt der Server auch ins Internet und nimmt mit den Steam Master Servern Kontakt auf. Er zeigt mir auch in der Serverkonsole die richtige öffentliche IP an.

    2011:11:14-19:14:38 astaro1 ulogd[5741]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3413" dstport="14013" tcpflags="SYN" 
    
    2011:11:14-19:14:41 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="5" initf="eth1" outitf="eth0" srcmac="0:c:29:ce:5b[:D]3" dstmac="0:c:29:fd:fc:0" srcip="192.168.180.100" dstip="146.66.152.12" proto="17" length="112" tos="0x00" prec="0x00" ttl="127" srcport="26901" dstport="27018" 
    2011:11:14-19:15:10 astaro1 ulogd[5741]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3417" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:15:13 astaro1 ulogd[5741]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3417" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:15:19 astaro1 ulogd[5741]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3417" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:15:35 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="5" initf="eth1" outitf="eth0" srcmac="0:c:29:ce:5b[:D]3" dstmac="0:c:29:fd:fc:0" srcip="192.168.180.100" dstip="146.66.152.12" proto="17" length="112" tos="0x00" prec="0x00" ttl="127" srcport="26901" dstport="27018" 
    2011:11:14-19:15:50 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3422" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:16:11 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3427" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:16:49 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="5" initf="eth1" outitf="eth0" srcmac="0:c:29:ce:5b[:D]3" dstmac="0:c:29:fd:fc:0" srcip="192.168.180.100" dstip="63.234.149.90" proto="17" length="273" tos="0x00" prec="0x00" ttl="127" srcport="27015" dstport="27011" 
    2011:11:14-19:16:49 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="5" initf="eth1" outitf="eth0" srcmac="0:c:29:ce:5b[:D]3" dstmac="0:c:29:fd:fc:0" srcip="192.168.180.100" dstip="63.234.149.83" proto="17" length="274" tos="0x00" prec="0x00" ttl="127" srcport="27015" dstport="27011" 
    2011:11:14-19:16:59 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3512" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:17:19 astaro1 ulogd[5741]: id="2014" severity="info" sys="SecureNet" sub="packetfilter" name="DNS request" action="DNS request" fwrule="60011" initf="eth1" srcmac="0:c:29:ce:5b[:D]3" dstmac="0:c:29:fd:fc:0" srcip="192.168.180.100" dstip="192.168.180.1" proto="17" length="62" tos="0x00" prec="0x00" ttl="128" srcport="56542" dstport="53" 
    2011:11:14-19:17:40 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3517" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:18:09 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3527" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:18:19 astaro1 ulogd[5741]: id="2014" severity="info" sys="SecureNet" sub="packetfilter" name="DNS request" action="DNS request" fwrule="60011" initf="eth1" srcmac="0:c:29:ce:5b[:D]3" dstmac="0:c:29:fd:fc:0" srcip="192.168.180.100" dstip="192.168.180.1" proto="17" length="62" tos="0x00" prec="0x00" ttl="128" srcport="64248" dstport="53" 
    2011:11:14-19:18:50 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3532" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:19:31 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3537" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:20:13 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3542" dstport="14013" tcpflags="SYN" 
    2011:11:14-19:20:55 astaro1 ulogd[5741]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth0" srcmac="0:24:fe:c9:c5:13" dstmac="0:c:29:fd:fc:f6" srcip="192.168.178.1" dstip="192.168.178.220" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="3547" dstport="14013" tcpflags="SYN" 



    Danke schonmal


    greeZ
Children
No Data