Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 8 replies
  • Subscribers 2 subscribers
  • Views 3154 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Port forwading in split tunnel mode

Xfiring
Is it possible to have port forwarding work with a RED in split tunnel mode?

So the scenario is that all computers on the red network will be getting dhcp and dns from the central asg.  What I'd like to do is have external traffic that comes in to the asg's public ip at say port 7000 directed to a particular ip address (computer) on a specific RED network. And when traffic would come in on say port 8000 have that go to a specific ip (computer) on a different ReD network. 

Thanks.


This thread was automatically locked due to age.
Parents
  • 0
    Server responses get back correctly because the incoming traffic is handled with a Full NAT instead of a DNAT.  It's the Full NAT's source translation that "fools" the RED into sending the response back through the tunnel.

    Not surprisingly, the solution is identical when Site A and Site B are connected by a site-to-site, and you want to offer an internal server at Site B via a public IP on Site A; a Full NAT at Site A.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    Server responses get back correctly because the incoming traffic is handled with a Full NAT instead of a DNAT.  It's the Full NAT's source translation that "fools" the RED into sending the response back through the tunnel.

    Not surprisingly, the solution is identical when Site A and Site B are connected by a site-to-site, and you want to offer an internal server at Site B via a public IP on Site A; a Full NAT at Site A.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML