1:1 NAT got HTTP 302 and RDP problems

This topic contains 0 replies, has 0 voices, and was last updated by  akaboku 3 years, 7 months ago.

  • #44246

    akaboku
    Member

    I am not a Linux expert and I'm trying to set up ZeroShell according to the document ‘http://www.zeroshell.net/listing/1_1_NAT_in_ZeroShell.pdf’.

    I have the following problems and I'm stuck, please help.
    1. WAN users cannot access the map service hosted at 10.2.0.1 (they can access the tools bar but the map is not shown), while internal users can access the map service without any problem. The development team told me that the application server got an HTTP 302 error message.
    2. WAN users can remote access 10.2.0.1 but not 10.1.0.13

    Here is the configuration:
    H/W: VM on 2012R2 Hyper-V 3, 1GB RAM, 4GB VHD fixed.

    ETH00: 10.2.0.254 / 255.255.255.0 (Server network)
    ETH01: 10.1.0.1 / 255.255.255.0 (Internal network)
    ETH02: 211.1.1.253 / 255.255.255.192 (WAN multiple public IP)
    211.1.1.252 / 255.255.255.192
    211.1.1.251 / 255.255.255.192

    Script/Cron > NAT and Virtual Server
    iptables -t nat -I PREROUTING 1 -d 211.1.1.251 -i ETH02 -j DNAT --to-destination 10.2.0.1
    iptables -t nat -I PREROUTING 1 -d 211.1.1.252 -i ETH02 -j DNAT --to-destination 10.1.0.13

    iptables -t nat -I POSTROUTING 1 -s 10.2.0.1 -o ETH02 -j SNAT --to-source 211.1.1.251
    iptables -t nat -I POSTROUTING 1 -s 10.1.0.13 -o ETH02 -j SNAT --to-source 211.1.1.252

    Default Gateway: 211.1.1.254 / 255.255.255.192

    Firewall FORWARD DROP
    1 ETH01 * ACCEPT all opt -- in ETH01 out * 0.0.0.0/0 -> 0.0.0.0/0 no
    2 ETH00 * ACCEPT all opt -- in ETH00 out * 0.0.0.0/0 -> 0.0.0.0/0 no
    3 * * ACCEPT all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED no
    4 ETH02 ETH00 ACCEPT tcp opt -- in ETH02 out ETH00 0.0.0.0/0 -> 0.0.0.0/0 destination IP range 10.2.0.1-10.2.0.2 tcp dpt:80
    5 ETH02 ETH00 ACCEPT tcp opt -- in ETH02 out ETH00 0.0.0.0/0 -> 10.2.0.2 tcp dpt:81
    6 ETH02 ETH00 ACCEPT tcp opt -- in ETH02 out ETH00 0.0.0.0/0 -> 10.2.0.6 tcp dpt:8080
    7 ETH02 ETH00 ACCEPT tcp opt -- in ETH02 out ETH00 0.0.0.0/0 -> 0.0.0.0/0 destination IP range 10.2.0.1-10.2.0.2 tcp dpt:3389
    8 ETH02 ETH00 ACCEPT tcp opt -- in ETH02 out ETH00 0.0.0.0/0 -> 0.0.0.0/0 destination IP range 10.2.0.6-10.2.0.253 tcp dpt:3389
    9 ETH02 ETH01 ACCEPT tcp opt -- in ETH02 out ETH01 0.0.0.0/0 -> 10.1.0.13 tcp dpt:3389
    10 ETH02 * REJECT icmp opt -- in ETH02 out * 0.0.0.0/0 -> 0.0.0.0/0 icmptype 8 reject-with icmp-host-prohibited no

    INPUT DROP
    1 ETH01 * ACCEPT all opt -- in ETH01 out * 0.0.0.0/0 -> 0.0.0.0/0 no
    2 ETH00 * ACCEPT all opt -- in ETH00 out * 0.0.0.0/0 -> 0.0.0.0/0 no
    3 * * ACCEPT all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED

    OUTPUT ACCEPT

    I have been searching the web for a solution for a week and I have no clue.
    I evaluated a few software firewalls and I found that ZeroShell is the best solution for me.

    Please help, and I hope it is not a problem of the Hyper-V synthetic network driver.

    PS: the public IPs above are fake.

    #53766

    computing4u
    Member

    I believe I have been working on a similar issue which has caused me to go around the houses.

    I fixed an issue I was having by enabling “Spoofing of MAC Addresses” in the virtual machine settings.

    Try that.
