- This topic is empty.
April 2, 2009 at 1:37 am #41605
I am really new to this.. I have not found any one asking this so I assume this is going to be a really easy question.
I am needing to do port forwarding for SMTP and WEB to a inside IP. I have played with the virtual server but it does not seem to work.
What am I missing?
Currently Mailserver can browse the internet and can access internet with now problem.
KouApril 2, 2009 at 6:46 am #47936
Is the router in front of ZS doing NAT as well?April 2, 2009 at 2:53 pm #47937
The External side of the Zeroshell has several external IP address that is assigned to us by the Internet Provider. I use to have these IPs on IPCOP as Alias.
the Router is not doing NAT.Router is not doing NAT.
Inside interface has VLAN 1, VLAN2, VLAN3, and the Mail server is on VLAN1 tagged on our switchs. the Mail server can access the internet fine while on VLAN1.
Hope that this helps.
BTW: VLAN1 is tagged on the ZeroShell ETH00.
KouApril 3, 2009 at 7:27 am #47938
From the command line issue the following and post the output:
iptables -L -v
iptables -t nat -L -vApril 4, 2009 at 4:02 pm #47939
I took the ZS offline and don’t have it available at this minute. I will will be putting it on a test network later this weekend.
At that point, I will get the output for you. thanks for your help.
KouApril 7, 2009 at 8:49 pm #47940
I have a updated description of the issue. I have recreated the issue with more time to test.
I have 2 external IP address assigned to the ETH01 and Nat’d it for the ETH00 to get out. Traffic works find outbound.
For inbound testing, when I use the first IP address assigned on ETH01 on the Virtual Server configs, it works. I am able to forward port 20/21 for FTP testing and can actually ftp to the External IP address and successfully login to the FTP server.
When I replace the Virtual server External IP with the secondary IP that was assigned to the ETH01 in the exact line, I cannot forward any ports for testing at all. Nothing can be forwarded to the internal server.
KouApril 7, 2009 at 9:56 pm #47941
Another update: used the iptable commands in the Setup>Startup/cron>NAT and Virtual Server and rebooted the ZS. It works now.
I also removed all my configs from the Virtual Server page.
I notice that I have to reboot the firewall to get that IPTABLE additions to take. Is there a way to get this to take without rebooting the firewall?
KouApril 8, 2009 at 8:48 am #47942
You don’t need to reboot the ZS to enable the configuration changes, it is not Windows.
You still haven’t supplied me with what I have asked in order to help you.April 9, 2009 at 12:25 am #47943JCMember
Where i work, we have an email server in r network, and had that same issue till we REMOVED the router and decided to just use ZS. so r config, and has worked ever since, is: modem ZS network, where network is 192.168.0.0. We used to have modem router ZS network and even w/ all ports forwarded wouldnt receive emails.
imo drop the router, ZS is head and shoulders above any router device, dlink/linksys/etc…
just remember to set, under “network/router/virtual server”, ALL the ports u need. w/ the apps we use there r approx 9 rules. having a static ip for mail server will help greatly, use dhcp ip/mac.
hope this helps u. took me a week to convince my boss at the time to do just that.
JCApril 17, 2009 at 2:36 pm #47944MDDeffMember
I am having a similar Issue as ksrimoungchanh but my layout is slightly different
Internet ZS Network
Also, I am not using VLans, Its a basic network.
I’m trying to host a teamspeak server behind it (port 8767) but everytime i try to access it through the firewall It doesnt work.
Thanks a bunchApril 21, 2009 at 12:34 pm #47945JCMember
according to http://forum.teamspeak.com/showthread.php?t=35 u need 1 TCP/IP and 1 UDP port opened. I would set the TS server w/ a static IP under the DHCP section, then in Network – Router – Virtual Server set the rules. input interface = [PPP0 for me]IP Address = ANY, protocol = TCP, Port = [called for TCP port], Remote IP = TS Server. Then do the same for UDP.June 8, 2009 at 1:39 pm #47946palleeMember
Hi, I have a little trouble configuring the virtual server to forword port 80 to my apache server.
This is my setup:
ISP Modem DMZ to ZS (192.168.2.1) (ETH00 192.168.2.2) ZS (ETH02 192.168.0.1) (192.168.0.9) apache server
ETH02(wired) is bridged with ETH01 (Wireless) and VPN99 (OpenVPN)
I have the zeroshell 1.0
DNS is configured with dynDNS
if you need more info please ask 😉
PaulJune 9, 2009 at 3:25 pm #47947
On modem-router port forward the 80 port to the 192.168.2.2:80 and on ZS add a virtual server on port 80 to 192.168.0.9:80.June 10, 2009 at 6:31 pm #47948palleeMember
Sorry, I understand what I have to do but I don’t understand how to do it. I have only been running ZS for maybe a week and it is much more complex than the standard home-router/gateway I am used to. If someone could explain what the different optins does in the “virtual server” tab i.e: the “interfaces”, “ip-adress”, “local port”, “remote ip-adress” and “remote port”
Thanks a lot!
- You must be logged in to reply to this topic.