Thank both of you very much for taking the time to answer my questions.... This morning I tried it again (after I rebooted just for good measure), however I took the Linux box out of the equation and replaced the tunnel to go to an NT box running the web server and it now works. It must be how I have had the Linux box set up. (The Linux box WAS my firewall - running IP Chains, portsentry and so on.) I just did not have the time to look at it closely yesterday! (Did not have the patience.)

I am very impressed with this Gnat box. Are there any "other" places where I can get info, like has it ever been hacked or anything of that nature? I am going to run a port scan on myself today to see what I can really see.

Again, thank you for being patient with a newbie to the Gnat family!

Mike
----- Original Message -----
Sent: Friday, February 18, 2000 8:09 PM
Subject: Re: Rules ?
OK, maybe I am stupid! Or just slow! I have tried all day to get this working and to no avail......

This is what I have, PLEASE CORRECT ME!

Gnat version 3.01 Light!
External IP = 24.10.221.x
Internal IP/Protected = 192.168.1.1

Log entry: (the first two entries are me going out, the last one is the one coming in)
16 5 Feb 18 19:21:22 NAT: Open TCP [192.168.1.2/3826]->[24.10.221.X/10278]->[216.34.244.240/80].
18 5 Feb 18 19:21:22 WWW: [192.168.1.2/3826]->[216.34.244.240/80] GET http://anon.free.anonymizer.com//http://www.webcare.net.
16 5 Feb 18 19:21:23 NAT: Open tunnel TCP [192.168.1.1/80]->[24.10.221.10/80]->[216.34.244.73/4009].
I am trying to get the $%^#&@# IP tunneling to work by performing the following task!

In the NAT area (Inbound tunnels) I have set a rule up like this:
<TCP> <IP of EXTERNAL NIC> <80>
<TCP> <IP of internal NIC> <80>
check marked the (automatic accept all filter)

In the FILTERS area (remote access) (placed this filter ABOVE the default last entry to deny everything):
Type = Accept / Interface = External / Protocol = TCP
Source Address = 0.0.0.0/0.0.0.0 port = 80
Destination Address = 24.10.221.10/255.255.255.255 port = 80

What am I doing wrong ?????

Yes, the web server is on a Linux box. I have removed everything in the /etc/hosts.deny and /etc/hosts/allow to make sure nothing would get in the way!

Again, thank you for all your help !!!!!!!

Mike
----- Original Message -----
Sent: Friday, February 18, 2000 8:30 AM
Subject: RE: Rules ?
You can have a single IP tunneled to multiple IPs per your example below with no problem at all.

All you have to do is set up an individual tunnel list entry for each port.

Regards,
Jeff
-----------------------------------------------------------------
Jeffery Griffiths <[EMAIL PROTECTED]>
Network Engineer
Schreeder Wheeler & Flint, LLP
Atlanta, GA USA
-----------------------------------------------------------------
First, a rundown on what I have: Gnat Box Light v3.01 (for testing)

What I want to do is -
Provide tunneling from an IP on the Gnat Box to a 192.168 IP in the DMZ. I have 4 servers inside the DMZ running the following ports (21, 22, 25, 80). What I gathered in the documentation is that I need a valid IP even for the tunneled IP addresses; in other words, the Gnat box would have 5 valid IPs on it and just pass the tunneled session through on to the 192.168.x.x address on whatever port I choose. Is this correct, or can I have one valid IP and pass any port to any IP (192.168.x.x) through the Gnat box ???

Is it as simple as:
<tcp> <ip of Gnat box = 209.254.x.70> <80> <ip 192.168.1.1> <80>
<tcp> <ip of Gnat box = 209.254.x.70> <25> <ip 192.168.1.2> <25>
and so on ?????

Thanks for the reply!

Mike
----- Original Message -----
Sent: Thursday, February 17, 2000 11:59 PM
Subject: RE: Rules ?
Mike,

Why don't you let the list know what you're working with (high level overview of hardware), and what you're wanting to do with GnatBox (please include the GB version)? That will give us a base point to start from.

TIA,
Greg Byrd
-----Original Message-----
From: Michael Givens [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 17, 2000 6:11 PM
To: [EMAIL PROTECTED]
Subject: Rules ?
I am new to the Gnat family and am trying out the gb-light version, and was wondering are there any web sites that perhaps have a little better documentation than the actual user manual?

Right now I run a Firewall 1 box at work (don't hate me), and I am checking out the Gnat box for our new T-1 we will be getting, and sometimes user docs are just a little hard to understand. Now I am not stupid, just confused on some of the rules and why they are that way!

Please point me in the right direction.

TIA,
Mike
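
The NAT log entries quoted earlier in this thread can be checked against the intended tunnel list mechanically. The following is an added example, not part of the original messages and not GNAT Box code: it parses the `NAT: Open` entries and reports inbound tunnels that do not match an expected mapping. The field order (inside host, firewall address, remote host) is inferred from the poster's description of the entries, and the `tunnel_list` structure and all function names are hypothetical.

```python
import re
from dataclasses import dataclass

# Constructed sample: the three entries quoted in the thread, each rejoined
# onto one line (the mail archive had wrapped them).
SAMPLE_LOG = """\
16 5 Feb 18 19:21:22 NAT: Open TCP [192.168.1.2/3826]->[24.10.221.X/10278]->[216.34.244.240/80].
18 5 Feb 18 19:21:22 WWW: [192.168.1.2/3826]->[216.34.244.240/80] GET http://anon.free.anonymizer.com//http://www.webcare.net.
16 5 Feb 18 19:21:23 NAT: Open tunnel TCP [192.168.1.1/80]->[24.10.221.10/80]->[216.34.244.73/4009].
"""

ENDPOINT = re.compile(r"\[([0-9A-Za-z.]+)/(\d+)\]")  # tolerates a masked octet ("X")
NAT_LINE = re.compile(r"NAT: Open (tunnel )?(\w+) (.+)$")

@dataclass
class NatSession:
    direction: str   # "outbound" or "inbound-tunnel"
    proto: str
    inside: tuple    # (ip, port) on the protected side (assumed field order)
    firewall: tuple  # (ip, port) on the firewall's external address
    remote: tuple    # (ip, port) of the Internet host

def parse_nat_sessions(text):
    """Return a NatSession for every 'NAT: Open' entry in the log text."""
    sessions = []
    for line in text.splitlines():
        m = NAT_LINE.search(line)
        if not m:
            continue  # WWW: and other entry types are not NAT session opens
        hops = [(ip, int(port)) for ip, port in ENDPOINT.findall(m.group(3))]
        if len(hops) != 3:
            continue  # wrapped or truncated entry: skip rather than guess
        direction = "inbound-tunnel" if m.group(1) else "outbound"
        sessions.append(NatSession(direction, m.group(2), *hops))
    return sessions

def unexpected_tunnels(sessions, tunnel_list):
    """Inbound tunnels whose external (ip, port) does not map to the intended inside host."""
    return [s for s in sessions
            if s.direction == "inbound-tunnel"
            and tunnel_list.get(s.firewall) != s.inside]

if __name__ == "__main__":
    intended = {("24.10.221.10", 80): ("192.168.1.1", 80)}  # the rule described in the thread
    for s in parse_nat_sessions(SAMPLE_LOG):
        print(s)
    print("unexpected:", unexpected_tunnels(parse_nat_sessions(SAMPLE_LOG), intended))
```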