Hello Joe, Thanks for the reply. You are right but I have tried with "0/0_www" also. It is not working. As you can see from my ipchains ruleset that I'm getting packet at 111.222.333.444 ----------------------------- 5 300 ACCEPT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 111.222.333.444 * -> 80 ------------------------------- 5 packet and 300 bytes are there.
And yes I have checked it from outside of my network but still not working. Thanks. Sudhir Barwal "Upnet Joe" wrote: EXTERN_TCP_PORT0="0/0 www 111.222.333.444" I think this wrong not really sure ???? EXTERN_TCP_PORTS="0/0_ssh 0/0_smtp 0/0_www 0/0_domain 0/0_https 0/0_pop-3 0/0_spop3" this is mine and it is working. How did you try to access your internal web server ???? since you are firewall and MASQ your public connection you can't access your port-fw connection via public address (eth0) from internal Client.. only way you can access by your internal ip-address 10.24.33.129 or dns name map to that address ask someone to access 111.222.333.444 from out side your network... it should work Upnet Joe ----- Original Message ----- From: "barwals" To: Sent: Tuesday, March 05, 2002 6:20 AM Subject: [Leaf-user] Port forwarding problem....! Hi, I 'm running the Dachstein LEAF firewall. I'm not able to forwarding the external traffice which is coming to my valid IPaddr (eth0) to my internal web server which is a windows 2000 server. I have allready gone through all the related mailing list archive but could not solve the problem and hence I'm writing to this list. The error I'm getting in my browser is "Connection faild".... "Connection timed out". My configuration is as follows. EXTERN_IP=111.222.333.444 EXTERN_IF =eth0 INTERNAL_IP=10.24.33.224 INTERNAL_IF =eth1 INT_NET = 10.0.0.0/8 IPFWDING_KERNEL= FILTER_ON IPALWAYSDEFRAG_KERNEL = YES CONFIG_HOSTNAME = YES CONFIG_HOSTSFILE = YES CONFIG_DNS = NO IPFILTER_SWITCH = firewall SNMP_BLOCK = YES EXTERN_DHCP = NO EXTERN_DHCP = NO EXTERN_TCP_PORT0="0/0 www 111.222.333.444" INTERN_SERVERS="tcp_111.222.333.444_www_10.24.33.150_www" My IPCHAINS RULES looks like they are accepting the connection at 111.222.333.444. But could not find the solution. Could anybody help me in that regard. Regards . Thanks. Get Your Private, Free E-mail from Indiatimes at http://email.indiatimes.com Buy Music, Video, CD-ROM, Audio-Books and Music Accessories from http://www.planetm.co.in _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
