I kinda assumed that the packets would have been translated to be from the
machine on the firewall ... it was only after snooping from the firewall
that I noticed the originator ...
I'm going to have to "delegate" because I don't trust the windows server to
know anything about the outside world.
We've all been there. :(
On 04/19/2013 08:08 AM, Jonathan Adams wrote:
ignore me, i'm just being stupid!
on the accelerated host I needed to add the route to the external server :(
On 19 April 2013 12:58, Jonathan Adams wrote:
On 19 April 2013 11:45, Gary Gendel wrote:
Jon,
I redirect
ignore me, i'm just being stupid!
on the accelerated host I needed to add the route to the external server :(
On 19 April 2013 12:58, Jonathan Adams wrote:
> On 19 April 2013 11:45, Gary Gendel wrote:
>
>> Jon,
>>
>> I redirect ports fine using nat. I'm trying to understand what's
>> differe
On 19 April 2013 11:45, Gary Gendel wrote:
> Jon,
>
> I redirect ports fine using nat. I'm trying to understand what's
> different between your and my setup. For example in my ipnat.conf file I
> have:
>
> rdr bge0 0.0.0.0/0 port 2022 -> 10.101.1.9 port 22 tcp/udp
>
> Where bge0 is my external
Jon,
I redirect ports fine using nat. I'm trying to understand what's
different between your and my setup. For example in my ipnat.conf file
I have:
rdr bge0 0.0.0.0/0 port 2022 -> 10.101.1.9 port 22 tcp/udp
Where bge0 is my external nic (bge1 is my internal nic). BTW, I use
0.0.0.0/0 so
more specific addresses to forward:
root@oldfluffy:/etc/ipf# ipnat -l
List of active MAP/Redirect filters:
rdr iprb0 n.n.62.35/32 port 143 -> 192.168.0.12 port 143 tcp
rdr bge0 192.168.0.65/32 port 143 -> 192.168.0.12 port 143 tcp
List of active sessions:
RDR 192.168.0.12 143 <- ->n.n.62.35
Actually in the real system I am trying to forward a port from an external
address (on the internet, the address I hid) to an internal RDP server
(port 3389 tcp) ... but for testing I forwarded to an internal IMAP server
iprb0 is the external interface, bge0 is the internal.
I added bge0 to see i
BTW - My solution was to make etherstubs, and create a virtual router, with my
"working" zones in another network segment. Then everything works fine.
See:
http://www.c0t0d0s0.org/archives/5355-Upcoming-Solaris-Features-Crossbow-Part-1-Virtualisation.html
It's actually simple to do. If I can
On Apr 18, 2013, at 2:15 PM, Jonathan Adams wrote:
> In the past I have used "delegate" to do port forwarding on our internal
> servers, forwarding from a server directly connected to the internet, to
> one that has no direct connection.
>
> I was about to set up delegate to do the same job, whe
In the past I have used "delegate" to do port forwarding on our internal
servers, forwarding from a server directly connected to the internet, to
one that has no direct connection.
I was about to set up delegate to do the same job, when it struck me that I
should be able to use ipfilter, via ipnat
10 matches
Mail list logo
