Hairpin routing NAT

I'm hairpin routing off my Internal interface between 2 subnets and can ping but not RDP.  When I RDP from 10.10.39.138 to 192.168.25.21 I only see return traffic in the logs.

13:51:45         Suspicious TCP state          TCP          192.168.25.21:51485→ 10.10.39.138:52438          [ACK RST]          len=40          ttl=127          tos=0x00          srcmac=00:03:47:71:5d:3d          dstmac=00:15:17:24:aa:30    

Any suggestions?  Something with nat perhaps?

  • That was my guess, too, Drew, but I got the impression that he had a Static Route and maybe an Additional Address on the Internal interface because I would have expected a DNAT to cause a "mysterious" routing problem instead of a TCP state violation.

    Tim, I know Drew's suggestion will solve your problem, but I'm still curious what was done to get those packets routed correctly but blocked.

    Cheers - Bob
    PS KnowledgeBase article: Accessing Internal or DMZ Webserver from Internal Network
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • "Use strict TCP session handling" will cause fwrule 60009. Turn it off and see what happens.
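As an added example (not from this thread and not Sophos code), a small Python parser for packet filter log lines in the format quoted above. It groups TCP packets by endpoint pair and reports flows for which the firewall logged packets but never a plain SYN, which is the symptom behind a "Suspicious TCP state" drop under strict session handling: one direction of the hairpinned flow never passed through the session table. Apart from the line quoted in the question, the sample log lines are constructed.

```python
import re
from collections import defaultdict

# Format of the Sophos UTM packet filter log line quoted in the thread:
# time, message, proto, src:port→dst:port, [flags], then key=value fields.
LINE_RE = re.compile(
    r"^(?P<time>\d\d:\d\d:\d\d)\s+(?P<msg>.+?)\s+(?P<proto>TCP|UDP|ICMP)\s+"
    r"(?P<src>[\d.]+):(?P<sport>\d+)\s*→\s*(?P<dst>[\d.]+):(?P<dport>\d+)"
    r"(?:\s+\[(?P<flags>[^\]]*)\])?(?P<rest>.*)$"
)

# Constructed sample: the thread's line plus a normal three-way handshake.
LOG = """\
13:51:45 Suspicious TCP state TCP 192.168.25.21:51485→ 10.10.39.138:52438 [ACK RST] len=40 ttl=127 tos=0x00 srcmac=00:03:47:71:5d:3d dstmac=00:15:17:24:aa:30
13:51:50 Packet accepted TCP 10.10.39.138:52500→ 192.168.25.21:3389 [SYN] len=52 ttl=128 tos=0x00
13:51:50 Packet accepted TCP 192.168.25.21:3389→ 10.10.39.138:52500 [SYN ACK] len=52 ttl=127 tos=0x00
"""


def parse_line(line):
    """Parse one log line into a dict; flags become a list, trailing fields a dict."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["flags"] = (rec["flags"] or "").split()
    rec["kv"] = dict(kv.split("=", 1) for kv in rec.pop("rest").split() if "=" in kv)
    return rec


def find_flows_without_syn(log_text):
    """Return TCP flows (sorted endpoint pairs) that were logged without a plain SYN.

    A flow that only ever shows ACK/RST packets means the session opener took a
    path the firewall did not see, i.e. asymmetric or hairpin routing.
    """
    flows = defaultdict(lambda: {"packets": 0, "syn_seen": False, "rst_seen": False})
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["proto"] != "TCP":
            continue
        key = tuple(sorted([(rec["src"], int(rec["sport"])), (rec["dst"], int(rec["dport"]))]))
        f = flows[key]
        f["packets"] += 1
        f["syn_seen"] = f["syn_seen"] or rec["flags"] == ["SYN"]
        f["rst_seen"] = f["rst_seen"] or "RST" in rec["flags"]
    return {k: v for k, v in flows.items() if not v["syn_seen"]}


if __name__ == "__main__":
    for endpoints, info in find_flows_without_syn(LOG).items():
        print("no SYN seen for", endpoints, info)
```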