Limited NAT options

Forums Network Management Networking Limited NAT options

  • This topic is empty.
Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • May 24, 2014 at 8:40 pm #43950
    ceremcem
    Member

    Hello,

    In pfSense I could create a NAT rule in order to forward packages to server inside my LAN. If you try to reach port 80 either from inside or outside of LAN, you could reach appropriate server.

    In zeroshell, I am not able to do that. It behaves as it would if you try from outside, but if you try from inside, it redirects packets to itself (zeroshell machine).

    I’m making these setup in Virtual Servers section. There is no “destination IP” option or similar option.

    How can I create a NAT rule that will redirect all packages where destination address is my_router:80 to my_virtual_server:80?

    May 25, 2014 at 4:00 am #53332
    getout
    Member

    You should be able to browse to your virtual server using its LAN IP from the within the LAN. From outside the LAN you should be able to browse to your virtual server using your WAN IP provided you have setup the virtual server settings in ZS.

    If you need to create a rule to direct traffic from withing the LAN you can do so in the Firewall section of the ZS GUI but this should already be working.

    Also try using port :8080 with the IP number of your virtual server.

    May 25, 2014 at 10:30 am #53333
    ceremcem
    Member

    If I accept to browse virtual server via using LAN IP inside of LAN, I need to edit all machines’ /etc/hosts file.

    I was able to use WAN IP (fqdn) to browse the virtual server in pfSense, and I want to do the same.

    May 27, 2014 at 11:04 pm #53334
    getout
    Member

    I think this would be a matter of adding a rule to the Prerouting table but I don’t think ZS provides the ability in the GUI. You could do it in shell mode.

    Maybe PFsense was ending the request out to the WAN instead of routing at over the LAN and so your port forwarding on the WAN was directing you to the correct server.

    You could try creating a rule in Netbalancer to send all traffic destined for your Public IP from your LAN out your Gateway. This might have the traffic return to the WAN side and be forwarded correctly.

    Sparki.

    June 4, 2014 at 4:21 pm #53335
    DrmCa
    Participant

    How are you accessing your LAN server now?

    I too have the web servers on the LAN and I simply set up DNS on ZS so when if punch in ‘www.mydomain.com’ from the LAN it resolves to 10.10.10.2, same as if I did it fro the WAN and NAT resolved to the same ID.

    Sounds like you do not need NAT, and that is not really a task for NAT at all. It would be if you wanted to access port 80 and be redirected to port 8088 for example…

    HTH!

  • Author
    Posts
Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.