
External and internal NAT for different ports

Hello guys,

I am trying to create a DNAT rule for a server in a DMZ network. We have a Wi-Fi controller in the DMZ to which access points from different onsite and offsite locations connect through two different ports over the WAN. I managed that with a DNAT rule from external and a DNS entry on our domain controller which points to the public IP of the DMZ server (works fine).

Now we have the requirement that the web UI port 8443 is only accessible from the internal network and not externally. But the port seems to be blocked (default drop, if I read the logs correctly). I have now tried everything I can imagine with Full NAT/DNAT and firewall rules. It seems like it doesn't use the NAT rules, because in the logs the default drop says the source is the internal server IP from where I tested it and the destination is the public IP (where normally the DMZ server address should be).

Have you guys an idea?

Thanks in advance.

Kind regards,

Matthias
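The symptom in the post (a dropped packet whose logged destination is still the public IP rather than the DMZ server) is what you get when the only DNAT rule is scoped to external sources: an internal client connecting to the public IP never matches it, so the packet reaches the packet filter untranslated and hits the default drop. The following is an added example, not code from the post or from Sophos UTM: a small rule evaluator that models first-match DNAT followed by filtering, and shows the external-only rule set beside a rule set with a second, internal-only DNAT for 8443. All addresses, the access-point port numbers (8080 and 8880) and the rule names are assumptions made for the example.

```python
"""Constructed model of DNAT-then-filter processing (example only, not UTM code)."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed addresses (documentation and private ranges), not from the post.
PUBLIC_IP = "203.0.113.10"          # public address that is NATed onto the DMZ host
DMZ_SERVER = "172.16.50.10"         # Wi-Fi controller in the DMZ
INTERNAL_NET = "10.0.0.0/8"         # internal network the web UI may come from
AP_PORTS = frozenset({8080, 8880})  # assumed ports the access points tunnel over
WEBUI_PORT = 8443

PRIVATE_NETS = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def src_matches(selector: str, ip: str) -> bool:
    """selector is either "Internet" (any non-private source) or a CIDR string."""
    addr = ip_address(ip)
    if selector == "Internet":
        return not any(addr in net for net in PRIVATE_NETS)
    return addr in ip_network(selector)


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int


@dataclass(frozen=True)
class DnatRule:
    name: str
    src_sel: str        # who the rule applies to ("Internet" or a CIDR)
    dst_ip: str         # original destination (the public IP)
    dports: frozenset   # services covered by the rule
    target: str         # address the destination is rewritten to


@dataclass(frozen=True)
class FwRule:
    src_sel: str
    dst_ip: str
    dports: frozenset
    action: str


def apply_dnat(rules, pkt: Packet):
    """First matching DNAT rule rewrites the destination; no match leaves it as-is."""
    for r in rules:
        if src_matches(r.src_sel, pkt.src) and pkt.dst == r.dst_ip and pkt.dport in r.dports:
            return Packet(pkt.src, r.target, pkt.dport), r.name
    return pkt, None


def filter_packet(fw_rules, pkt: Packet) -> str:
    """Filtering sees the packet AFTER NAT; anything unmatched is the default drop."""
    for r in fw_rules:
        if src_matches(r.src_sel, pkt.src) and pkt.dst == r.dst_ip and pkt.dport in r.dports:
            return r.action
    return "default drop"


def process(dnat_rules, fw_rules, pkt: Packet) -> dict:
    translated, rule = apply_dnat(dnat_rules, pkt)
    return {"nat_rule": rule,
            "dst_after_nat": translated.dst,   # what a drop log would show as destination
            "action": filter_packet(fw_rules, translated)}


# Rule set as described in the post: one DNAT from the Internet for the AP ports.
DNAT_EXTERNAL_ONLY = [DnatRule("ap-tunnels", "Internet", PUBLIC_IP, AP_PORTS, DMZ_SERVER)]
FW_EXTERNAL_ONLY = [FwRule("Internet", DMZ_SERVER, AP_PORTS, "allow")]

# Rule set with a second DNAT scoped to internal sources only, plus a filter rule
# for the translated packet. Port 8443 is never NATed for Internet sources.
DNAT_FIXED = DNAT_EXTERNAL_ONLY + [
    DnatRule("webui-internal", INTERNAL_NET, PUBLIC_IP, frozenset({WEBUI_PORT}), DMZ_SERVER)]
FW_FIXED = FW_EXTERNAL_ONLY + [
    FwRule(INTERNAL_NET, DMZ_SERVER, frozenset({WEBUI_PORT}), "allow")]

if __name__ == "__main__":
    ext_ap = Packet("198.51.100.7", PUBLIC_IP, 8080)   # constructed external AP
    lan_client = Packet("10.1.2.3", PUBLIC_IP, WEBUI_PORT)
    ext_webui = Packet("198.51.100.7", PUBLIC_IP, WEBUI_PORT)
    print("external AP, original rules :", process(DNAT_EXTERNAL_ONLY, FW_EXTERNAL_ONLY, ext_ap))
    print("LAN -> 8443, original rules :", process(DNAT_EXTERNAL_ONLY, FW_EXTERNAL_ONLY, lan_client))
    print("LAN -> 8443, fixed rules    :", process(DNAT_FIXED, FW_FIXED, lan_client))
    print("Internet -> 8443, fixed     :", process(DNAT_FIXED, FW_FIXED, ext_webui))
```

The second run reproduces the log line from the post: no NAT rule matched, so the logged destination is the public IP and the packet falls through to the default drop. The hairpin rule in the fixed set only applies to internal sources, which is what keeps 8443 closed from outside. The other common way to get the same result is to let the internal DNS entry resolve directly to the DMZ address, so internal clients never need to traverse the public IP at all.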



  • This is mysterious, Matthias.  I don't understand why the packet isn't processed by your NAT rule.  Is there an earlier NAT rule that captures this traffic?  A DNAT maybe?

    Cheers -Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA