Welcome to the Sophos User Bulletin Board.
If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

LinkBack Thread Tools Display Modes
Prev Previous Post   Next Post Next
Join Date: Apr 2006
Location: VA
Posts: 68
#1 (permalink)  
Old 08-18-2008, 05:45 PM
Default DNAT woes with Web server - internal access

I have created the DNAT rules and packet filter rules (and tried with auto packet rules) - <any> to webserver http and https allow

My services seem accessible from outside now as expected which is great!

Problem is users on my LAN cannot access either the website or Outlook Web Access.

Nothing displays in the filter as blocked but something I guess is not right anything from going to the webserver outside address (which then DNATs back to an internal address) does not work.

Is it disappearing up its own *** :-) with the DNAT from an internal address? I tried to create a Stub zone on my internal DNS to point the www.domainname.com to the local address but I cannot create a stub zone for my domain as it will not download from my hosts DNS who has SOA for our domain.

Anyone got any suggestions before I go bald


Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

All times are GMT. The time now is 06:58 PM.

Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2015, Jelsoft Enterprises Ltd.

These pages are specifically maintained for the discussion of firewall issues within the Open Source community, and might already reflect new alpha/beta releases under development. Please refer to our product specifications for the functionality of the actual release. Discussions of new/enhanced functionality does not constitute a commitment of Astaro, to integrate this functionality into future releases.