Limited NAT options

Home Page Forums Network Management Networking Limited NAT options

This topic contains 3 replies, has 0 voices, and was last updated by  ceremcem 4 years, 6 months ago.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #43950

    ceremcem
    Member

    Hello,

    In pfSense I could create a NAT rule in order to forward packages to server inside my LAN. If you try to reach port 80 either from inside or outside of LAN, you could reach appropriate server.

    In zeroshell, I am not able to do that. It behaves as it would if you try from outside, but if you try from inside, it redirects packets to itself (zeroshell machine).

    I’m making these setup in Virtual Servers section. There is no “destination IP” option or similar option.

    How can I create a NAT rule that will redirect all packages where destination address is my_router:80 to my_virtual_server:80?

    #53332

    getout
    Member

    You should be able to browse to your virtual server using its LAN IP from the within the LAN. From outside the LAN you should be able to browse to your virtual server using your WAN IP provided you have setup the virtual server settings in ZS.

    If you need to create a rule to direct traffic from withing the LAN you can do so in the Firewall section of the ZS GUI but this should already be working.

    Also try using port :8080 with the IP number of your virtual server.

    #53333

    ceremcem
    Member

    If I accept to browse virtual server via using LAN IP inside of LAN, I need to edit all machines’ /etc/hosts file.

    I was able to use WAN IP (fqdn) to browse the virtual server in pfSense, and I want to do the same.

    #53334

    getout
    Member

    I think this would be a matter of adding a rule to the Prerouting table but I don’t think ZS provides the ability in the GUI. You could do it in shell mode.

    Maybe PFsense was ending the request out to the WAN instead of routing at over the LAN and so your port forwarding on the WAN was directing you to the correct server.

    You could try creating a rule in Netbalancer to send all traffic destined for your Public IP from your LAN out your Gateway. This might have the traffic return to the WAN side and be forwarded correctly.

    Sparki.

    #53335

    DrmCa
    Participant

    How are you accessing your LAN server now?

    I too have the web servers on the LAN and I simply set up DNS on ZS so when if punch in ‘www.mydomain.com’ from the LAN it resolves to 10.10.10.2, same as if I did it fro the WAN and NAT resolved to the same ID.

    Sounds like you do not need NAT, and that is not really a task for NAT at all. It would be if you wanted to access port 80 and be redirected to port 8088 for example…

    HTH!

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.