Hi,
we have a NG FW FP1 with 3
interfaces, and a DSL Router to investigate.
Configuration it's like that :
Web
server (192.168.2.100)
|
|
DMZ
Lan (192.168.2.0)
|
|
| (192.168.2.135)
192.168.1.0 (Internal
LAN) ----------------------- Firewall NG
--------------------------------------------------------
INTERNET
(192.168.1.135)
(212.11.21.13 Valid adress)
I am trying make port mapping to webserver
for http and telnet services (http to web server and telnet to internal
server)
using NAT, and "Perform destination
traslation on the client side" is cheked.
However, I don't get NAT inside.
Rules :
Any
Webserver
http
Accept Log
Any
Internalserver telnet
Accept Log
NAT RULES :
Any
Firewall
http
Original
Webserver
Original
Gateways
Any
Firewall
telnet
Original
Internalserver
Original
Gateways
I can get login but in Firewall host, not in
Internalserver (no Xlated paquets in Log, but I can see
in log :
61.62.63.123 (Origin)
Firewall (Destination) telnet
(Service) 5 (rule number)
Accept
61.62.63.123 (Origin)
Firewall (Destination) http
(Service) 6 (rule
number) Accept
(I don't see drop packets about this, and "Log implied rules" is
checked)
WHY don't translate???
In Global Properties is checked "Automatic rules intersection",
"Perform destination translation on the client side" and
"Automatic ARP configuration".
What's wrong??
I would like to hear some advise...
Thank's in advance
Raul Gonzalez