Hi there

I'm struggling to get port forwarding to a MS SQL server working. I'm hoping someone here can help me.

Scenario:

A Web server on a public network outside of the firewall. It needs to connect to a MS SQL server on the inside of the firewall.

Firewall running on Linux 2.2.14. It's running IPMASQUERADING and port forwards port 1433 and 1434 (UDP and TCP) from the public network to the database server.

An MS SQL server 2000 database server on the inside of the firewall.

My problem:

OLE DB connection from the web server to the database server (via the portfw) works fine.

An ODBC DSN does connect when one runs the std TEST option. However, trying to retrieve data via the DSN always fails.

Has anyone had a similar problem to this?

Any help would be much appreciated.

Thanks
Henty

Status of the firewall follows (it supports more than just MS SQL server).

Web server address is: 195.32.163.163 (not the real IP address)
External (public) IP address on firewall is: 195.32.163.162 (not the real IP address)
Internal (private) IP address on firewall is: 192.168.2.31
Database server IP address is: 192.168.2.50

Chain input (policy ACCEPT):
target   prot opt     source            destination       ports
ACCEPT   all  ------  192.168.2.0/24    0.0.0.0/0         n/a
ACCEPT   all  ------  127.0.0.0/8       0.0.0.0/0         n/a
ACCEPT   all  ------  195.32.163.162    0.0.0.0/0         n/a
outside  all  ------  0.0.0.0/0         0.0.0.0/0         n/a

Chain forward (policy ACCEPT):
target   prot opt     source            destination       ports
ACCEPT   all  ------  192.168.2.0/24    192.168.2.0/24    n/a
ACCEPT   all  ------  195.32.163.162    0.0.0.0/0         n/a
MASQ     all  ------  192.168.2.0/24    0.0.0.0/0         n/a

Chain output (policy ACCEPT):
target   prot opt     source            destination       ports
DENY     udp  ------  0.0.0.0/0         0.0.0.0/0         513 -> *
DENY     udp  ------  0.0.0.0/0         0.0.0.0/0         137 -> *

Chain outside (1 references):
target   prot opt     source            destination       ports
DENY     all  ------  192.168.2.0/24    0.0.0.0/0         n/a
DENY     all  ------  127.0.0.0/8       0.0.0.0/0         n/a
DENY     all  ------  0.0.0.0/0         192.168.2.0/24    n/a
DENY     tcp  ----l-  0.0.0.0/0         0.0.0.0/0         * -> 6000:6010
DENY     tcp  ----l-  0.0.0.0/0         0.0.0.0/0         * -> 111
DENY     tcp  ----l-  0.0.0.0/0         0.0.0.0/0         * -> 2049
DENY     udp  ----l-  0.0.0.0/0         0.0.0.0/0         * -> 1119
DENY     udp  ----l-  0.0.0.0/0         0.0.0.0/0         * -> 2049
DENY     udp  ----l-  0.0.0.0/0         0.0.0.0/0         * -> 177
DENY     tcp  ----l-  0.0.0.0/0         0.0.0.0/0         * -> 653
ACCEPT   tcp  ------  0.0.0.0/0         0.0.0.0/0         * -> 1433
ACCEPT   udp  ------  0.0.0.0/0         0.0.0.0/0         * -> 1433
ACCEPT   tcp  ------  0.0.0.0/0         0.0.0.0/0         * -> 1434
ACCEPT   udp  ------  0.0.0.0/0         0.0.0.0/0         * -> 1434
ACCEPT   tcp  ------  0.0.0.0/0         0.0.0.0/0         * -> 1560
ACCEPT   tcp  ------  0.0.0.0/0         0.0.0.0/0         * -> 1556
ACCEPT   udp  ------  0.0.0.0/0         0.0.0.0/0         * -> 54322
ACCEPT   udp  ------  0.0.0.0/0         0.0.0.0/0         * -> 54321
DENY     tcp  ------  0.0.0.0/0         0.0.0.0/0         * -> 113
DENY     tcp  -y--l-  0.0.0.0/0         0.0.0.0/0         * -> 0:1023
DENY     udp  ----l-  0.0.0.0/0         0.0.0.0/0         * -> 0:1023

Chain portmap (0 references):

Port forwarding:
prot localaddr        rediraddr      lport  rport  pcnt  pref
UDP  195.32.163.162   192.168.2.50   54321  54321  10    10
UDP  195.32.163.162   192.168.2.50   54322  54322  10    10
UDP  195.32.163.162   192.168.2.50   1434   1434   10    10
UDP  195.32.163.162   192.168.2.50   1433   1433   10    10
TCP  195.32.163.162   192.168.2.50   1560   1560   10    10
TCP  195.32.163.162   192.168.2.50   1434   1434   10    10
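An added example, not part of the original post: a short Python check that parses the port-forward listing and the SQL-port ACCEPT rules as they appear in the message and compares them with the stated intent (1433 and 1434, UDP and TCP, forwarded to 192.168.2.50). The function names are hypothetical and the column layout is assumed from the listing shown.

```python
# Inputs copied from the post above; function names are hypothetical.
PORTFW_LISTING = """\
prot localaddr      rediraddr    lport rport pcnt pref
UDP  195.32.163.162 192.168.2.50 54321 54321 10   10
UDP  195.32.163.162 192.168.2.50 54322 54322 10   10
UDP  195.32.163.162 192.168.2.50 1434  1434  10   10
UDP  195.32.163.162 192.168.2.50 1433  1433  10   10
TCP  195.32.163.162 192.168.2.50 1560  1560  10   10
TCP  195.32.163.162 192.168.2.50 1434  1434  10   10
"""
OUTSIDE_ACCEPTS = """\
ACCEPT tcp ------ 0.0.0.0/0 0.0.0.0/0 * -> 1433
ACCEPT udp ------ 0.0.0.0/0 0.0.0.0/0 * -> 1433
ACCEPT tcp ------ 0.0.0.0/0 0.0.0.0/0 * -> 1434
ACCEPT udp ------ 0.0.0.0/0 0.0.0.0/0 * -> 1434
"""
# Intent stated in the post: 1433 and 1434, UDP and TCP, to the database server.
INTENDED = {(p, n) for p in ("TCP", "UDP") for n in (1433, 1434)}
DB_SERVER = "192.168.2.50"


def parse_portfw(listing):
    """Return {(proto, lport): (rediraddr, rport)} from a portfw listing."""
    table = {}
    for line in listing.splitlines():
        f = line.split()
        if len(f) != 7 or f[0] not in ("TCP", "UDP"):
            continue  # header row or unrelated line
        table[(f[0], int(f[3]))] = (f[2], int(f[4]))
    return table


def missing_forwards(listing, intended=INTENDED, target=DB_SERVER):
    """Intended (proto, port) pairs that have no forward to the target host."""
    table = parse_portfw(listing)
    return sorted(k for k in intended if table.get(k, (None,))[0] != target)


def open_to_any_source(rules):
    """(proto, port) of ACCEPT rules whose source column is 0.0.0.0/0."""
    hits = []
    for line in rules.splitlines():
        f = line.split()
        if len(f) == 8 and f[0] == "ACCEPT" and f[3] == "0.0.0.0/0":
            hits.append((f[1].upper(), int(f[7])))
    return hits


if __name__ == "__main__":
    print("no forward entry:", missing_forwards(PORTFW_LISTING))
    print("accept from any source:", open_to_any_source(OUTSIDE_ACCEPTS))
```

On the listing as posted, the check reports that TCP 1433 has no forward entry and that all four SQL-port ACCEPT rules match any source address rather than only the web server at 195.32.163.163.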
