
NAT through IPSec Site-to-Site VPN

Hi everyone,
I would like to ask you for help/advice. I have two sites, both running UTM 9.705-3. An IPSec Site-to-Site VPN is established between Site A (Public IP - Local Subnet 192.168.2.0/24) and Site B (behind a provider's NAT - no public IP - Local Subnet 192.168.4.0/24).

Access to local resources works correctly between the sites, like RDP or SMB/FTP to a NAS.

But I cannot figure out how to set up NAT to allow FTP access to the NAS located on Site B through the public IP of Site A -> NAT -> IPSec VPN -> Site B.

I tried a Full NAT from the internet, service FTP, going to the public IP of Site A -> destination to the NAS (in local subnet 192.168.4.0/24), source to the Internal Address of the Site A gateway.
But it is dropped by the Site A firewall (Forward Default Drop):
2021:03:09-00:12:05 gtw-asgaard ulogd[28481]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth0" outitf="eth0" srcmac="*MAC*" dstmac="*MAC*" srcip="InternetIP" dstip="192.168.4.NAS_IP" proto="6" length="60" tos="0x00" prec="0x00" ttl="57" srcport="52888" dstport="21" tcpflags="SYN"

Could you please advise how to properly set up firewall / NAT rules?
I'm not really a network expert and don't have enough experience to find the problem.
Thanks in advance.


