OK, maybe I am stupid! Or just slow!
I have tried all day to get this working and to no avail...
This is what I have, PLEASE CORRECT ME!
Gnat version 3.01 Light!
External IP = 24.10.221.x
Internal IP/Protected = 192.168.1.1
Log entry: (the first two entries are me going out, the last one is the one coming in)
16 5 Feb 18 19:21:22 NAT: Open TCP [192.168.1.2/3826]->[24.10.221.X/10278]->[216.34.244.240/80].
18 5 Feb 18 19:21:22 WWW: [192.168.1.2/3826]->[216.34.244.240/80] GET http://anon.free.anonymizer.com//http://www.webcare.net.
16 5 Feb 18 19:21:23 NAT: Open tunnel TCP [192.168.1.1/80]->[24.10.221.10/80]->[216.34.244.73/4009].
I am trying to get the $%^#&@# IP tunneling to work by performing the following task!
In the NAT area (Inbound tunnels) I have set a rule up like this!
<TCP><IP of EXTERNAL NIC> <80>
<TCP> <IP of internal NIC> <80>
check marked the (automatic accept all filter)
In the FILTERS area (remote access) (Placed this filter ABOVE the default last entry to deny everything)
Type = Accept / Interface = External / Protocol = TCP
Source Address = 0.0.0.0/0.0.0.0 port =80
Destination Address = 24.10.221.10/255.255.255.255 port =80
What am I doing wrong?
Yes, the web server is on a Linux box, I have removed everything in the /etc/hosts.deny and /etc/hosts/allow to make sure nothing would get in the way!
Again, thank you for all your help!
Mike
----- Original Message -----
Sent: Friday, February 18, 2000 8:30 AM
Subject: RE: Rules ?
You can have a single IP tunneled to multiple IPs per your example below with no problem at all.
All you have to do is set up an individual tunnel list entry for each port.
Regards,
Jeff
-----------------------------------------------------------------
Jeffery Griffiths <[EMAIL PROTECTED]>
Network Engineer
Schreeder Wheeler & Flint, LLP
Atlanta, GA USA
-----------------------------------------------------------------
First rundown on what I have: Gnat Box Light v3.01 (for testing)
What I want to do is -
Provide tunneling from IP on the Gnat Box to a 192.168 IP in the DMZ. I have 4 servers inside the DMZ running the following ports. (21, 22, 25, 80). What I gathered in the documentation is that I need a valid IP even for the tunneled IP addresses, in other words, the Gnat box would have 5 valid IPs on it and just pass the tunneled session through on to the 192.168.x.x address on whatever port I choose. Is this correct, or can I have one valid IP and pass any port to any IP (192.168.x.x) through the Gnat box?
Is it as simple as:
<tcp> <ip of Gnat box = 209.254.x.70> <80> <ip 192.168.1.1> <80>
<tcp> <ip of Gnat box = 209.254.x.70> <25> <ip 192.168.1.2> <25>
and so on?
Thanks for the reply!
Mike
----- Original Message -----
Sent: Thursday, February 17, 2000 11:59 PM
Subject: RE: Rules ?
Mike,
Why don't you let the list know what you're working with (high level overview of hardware), and what you're wanting to do with GnatBox (please include the GB version)? That will give us a base point to start from.
TIA,
Greg Byrd
-----Original Message-----
From: Michael Givens [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 17, 2000 6:11 PM
To: [EMAIL PROTECTED]
Subject: Rules ?
I am new to the Gnat family and am trying out the gb-light version, and was wondering are there any web sites that perhaps have a little better documentation than the actual user manual? Right now I run a Firewall 1 box at work (don't hate me), and I am checking out the Gnat box for our new T-1 we will be getting, and sometimes user docs are just a little hard to understand. Now I am not stupid, just confused on some of the rules and why they are that way! Please point me in the right direction.
TIA,
Mike