Hi,
I am trying to give an external IP address access to an internal (RMI) server behind the ASG. So I have a DNAT rule to redirect the incoming packet to the internal server, and I have a packet filter rule which allows this particular external IP to get through to the internal server.
In the log I can see the DNAT rule applied, followed by the PF rule. But there is no packet going to the internal server! I am checking all the traffic to/from the server with a network monitor.
If I do the same thing from within the LAN (behind the ASG), everything works fine and I can see all the packets to/from the server.
Here is the packet filter rule from the log:
2011:05:25-16:06:32 oecwall ulogd[5255]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="18" initf="ppp0" outitf="eth0" srcmac="0:8:54:57:13:63" srcip="80.187.107.68" dstip="192.168.115.58" proto="6" length="64" tos="0x00" prec="0x00" ttl="111" srcport="55624" dstport="2004" tcpflags="SYN"
It correctly shows the external IP translated by DNAT to the internal "192.168.115.58".
What can possibly happen to the packet after having passed the packet filter rule?
Grateful for any ideas,
Thanks,
Klaus
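Added example, not part of the original post: a small parser for the packet filter log format quoted above. It reports TCP flows whose accepted SYN appears more than once with the same source port, which means the client retransmitted because no SYN-ACK reached it. It assumes the firewall logs each retransmitted SYN; the function names are hypothetical, and every sample line except the first is constructed.

```python
import re
from collections import Counter

# First entry is the log line from the post; the rest are constructed for the example.
PAGE_LINE = (
    '2011:05:25-16:06:32 oecwall ulogd[5255]: id="2002" severity="info" '
    'sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" '
    'fwrule="18" initf="ppp0" outitf="eth0" srcmac="0:8:54:57:13:63" '
    'srcip="80.187.107.68" dstip="192.168.115.58" proto="6" length="64" '
    'tos="0x00" prec="0x00" ttl="111" srcport="55624" dstport="2004" tcpflags="SYN"'
)
SAMPLE = [
    PAGE_LINE,
    PAGE_LINE.replace("16:06:32", "16:06:35"),  # constructed: SYN retransmission
    PAGE_LINE.replace("16:06:32", "16:06:41"),  # constructed: SYN retransmission
    PAGE_LINE.replace("16:06:32", "16:07:02").replace('"55624"', '"55630"'),  # constructed: new attempt
]

KEY_VALUE = re.compile(r'(\w+)="([^"]*)"')


def parse_line(line):
    """Split one log line into a dict of its key="value" fields plus the timestamp."""
    fields = dict(KEY_VALUE.findall(line))
    fields["timestamp"] = line.split(" ", 1)[0]
    return fields


def repeated_syns(lines):
    """Return {(srcip, srcport, dstip, dstport): count} for accepted SYNs logged more than once."""
    counts = Counter()
    for line in lines:
        f = parse_line(line)
        if f.get("action") == "accept" and f.get("tcpflags") == "SYN":
            counts[(f["srcip"], f["srcport"], f["dstip"], f["dstport"])] += 1
    return {flow: n for flow, n in counts.items() if n > 1}


if __name__ == "__main__":
    for flow, n in repeated_syns(SAMPLE).items():
        print("SYN accepted %d times without the handshake progressing: %s" % (n, flow))
```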