

Hi there

I'm struggling to get port forwarding to an MS SQL server working. I'm 
hoping someone here can help me.

Scenario:

 A Web server on a public network outside of the firewall. It needs to 
connect to a MS SQL server on the inside of the firewall.

 Firewall running on Linux 2.2.14. It's running IP masquerading and 
port-forwards ports 1433 and 1434 (UDP and TCP) from the public network to 
the database server.

 An MS SQL server 2000 database server on the inside of the firewall.

My problem:

 An OLE DB connection from the web server to the database server (via the 
portfw) works fine.
 An ODBC DSN does connect when one runs the std TEST option.
 However, trying to retrieve data via the DSN always fails.

Has anyone had a similar problem to this?

Any help would be much appreciated.

Thanks
Henty 






Status of the firewall follows (it supports more than just MS SQL 
server). 

Web server address is: 195.32.163.163 (not the real IP address)
External (public) IP address on firewall is: 195.32.163.162 (not the real IP address)
Internal (private) IP address on firewall is: 192.168.2.31
Database server IP address is: 192.168.2.50





Chain input (policy ACCEPT):
target     prot opt     source                destination           ports
ACCEPT     all  ------  192.168.2.0/24       0.0.0.0/0             n/a
ACCEPT     all  ------  127.0.0.0/8          0.0.0.0/0             n/a
ACCEPT     all  ------  195.32.163.162       0.0.0.0/0             n/a
outside    all  ------  0.0.0.0/0            0.0.0.0/0             n/a

Chain forward (policy ACCEPT):
target     prot opt     source                destination           ports
ACCEPT     all  ------  192.168.2.0/24       192.168.2.0/24        n/a
ACCEPT     all  ------  195.32.163.162       0.0.0.0/0             n/a
MASQ       all  ------  192.168.2.0/24       0.0.0.0/0             n/a

Chain output (policy ACCEPT):
target     prot opt     source                destination           ports
DENY       udp  ------  0.0.0.0/0            0.0.0.0/0             513 ->   *
DENY       udp  ------  0.0.0.0/0            0.0.0.0/0             137 ->   *

Chain outside (1 references):
target     prot opt     source                destination           ports
DENY       all  ------  192.168.2.0/24       0.0.0.0/0             n/a
DENY       all  ------  127.0.0.0/8          0.0.0.0/0             n/a
DENY       all  ------  0.0.0.0/0            192.168.2.0/24        n/a
DENY       tcp  ----l-  0.0.0.0/0            0.0.0.0/0             * ->   6000:6010
DENY       tcp  ----l-  0.0.0.0/0            0.0.0.0/0             * ->   111
DENY       tcp  ----l-  0.0.0.0/0            0.0.0.0/0             * ->   2049
DENY       udp  ----l-  0.0.0.0/0            0.0.0.0/0             * ->   1119
DENY       udp  ----l-  0.0.0.0/0            0.0.0.0/0             * ->   2049
DENY       udp  ----l-  0.0.0.0/0            0.0.0.0/0             * ->   177
DENY       tcp  ----l-  0.0.0.0/0            0.0.0.0/0             * ->   653
ACCEPT     tcp  ------  0.0.0.0/0            0.0.0.0/0             * ->   1433
ACCEPT     udp  ------  0.0.0.0/0            0.0.0.0/0             * ->   1433
ACCEPT     tcp  ------  0.0.0.0/0            0.0.0.0/0             * ->   1434
ACCEPT     udp  ------  0.0.0.0/0            0.0.0.0/0             * ->   1434
ACCEPT     tcp  ------  0.0.0.0/0            0.0.0.0/0             * ->   1560
ACCEPT     tcp  ------  0.0.0.0/0            0.0.0.0/0             * ->   1556
ACCEPT     udp  ------  0.0.0.0/0            0.0.0.0/0             * ->   54322
ACCEPT     udp  ------  0.0.0.0/0            0.0.0.0/0             * ->   54321
DENY       tcp  ------  0.0.0.0/0            0.0.0.0/0             * ->   113
DENY       tcp  -y--l-  0.0.0.0/0            0.0.0.0/0             * ->   0:1023
DENY       udp  ----l-  0.0.0.0/0            0.0.0.0/0             * ->   0:1023

Chain portmap (0 references):



Port forwarding:

prot localaddr            rediraddr               lport    rport  pcnt  pref
UDP  195.32.163.162       192.168.2.50            54321    54321    10    10
UDP  195.32.163.162       192.168.2.50            54322    54322    10    10
UDP  195.32.163.162       192.168.2.50             1434     1434    10    10
UDP  195.32.163.162       192.168.2.50             1433     1433    10    10
TCP  195.32.163.162       192.168.2.50             1560     1560    10    10
TCP  195.32.163.162       192.168.2.50             1434     1434    10    10

_______________________________________________
Masq maillist  -  [EMAIL PROTECTED]
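
A consistency check between the two listings in the message above, as an added example that is not part of the original post: it compares the ports the "outside" chain ACCEPTs with the ports that have a port-forwarding entry. The function names are made up for this example, and the column layout is assumed to be the one shown in the posted listings.

```python
import re

# Listings copied from this page with wrapped lines rejoined: the ACCEPT rules
# of the "outside" chain and the port-forwarding table. Column layout assumed.
OUTSIDE_ACCEPTS = """\
ACCEPT     tcp  ------  0.0.0.0/0            0.0.0.0/0             * ->   1433
ACCEPT     udp  ------  0.0.0.0/0            0.0.0.0/0             * ->   1433
ACCEPT     tcp  ------  0.0.0.0/0            0.0.0.0/0             * ->   1434
ACCEPT     udp  ------  0.0.0.0/0            0.0.0.0/0             * ->   1434
ACCEPT     tcp  ------  0.0.0.0/0            0.0.0.0/0             * ->   1560
ACCEPT     tcp  ------  0.0.0.0/0            0.0.0.0/0             * ->   1556
ACCEPT     udp  ------  0.0.0.0/0            0.0.0.0/0             * ->   54322
ACCEPT     udp  ------  0.0.0.0/0            0.0.0.0/0             * ->   54321
"""
PORTFW_TABLE = """\
UDP  195.32.163.162       192.168.2.50            54321    54321    10    10
UDP  195.32.163.162       192.168.2.50            54322    54322    10    10
UDP  195.32.163.162       192.168.2.50             1434     1434    10    10
UDP  195.32.163.162       192.168.2.50             1433     1433    10    10
TCP  195.32.163.162       192.168.2.50             1560     1560    10    10
TCP  195.32.163.162       192.168.2.50             1434     1434    10    10
"""

RULE = re.compile(r"^(\w+)\s+(tcp|udp)\s+\S+\s+\S+\s+\S+\s+\*\s+->\s+(\d+)(?::(\d+))?\s*$")
FWD = re.compile(r"^(TCP|UDP)\s+\S+\s+\S+\s+(\d+)\s+\d+\s+\d+\s+\d+\s*$")

def accepted_ports(listing):
    """(proto, port) pairs an ACCEPT rule lets through; lo:hi ranges expand."""
    ports = set()
    for m in filter(None, map(RULE.match, listing.splitlines())):
        if m.group(1) == "ACCEPT":
            lo = int(m.group(3))
            hi = int(m.group(4) or lo)
            ports.update((m.group(2), p) for p in range(lo, hi + 1))
    return ports

def forwarded_ports(listing):
    """(proto, local port) pairs that have a port-forwarding entry."""
    return {(m.group(1).lower(), int(m.group(2)))
            for m in filter(None, map(FWD.match, listing.splitlines()))}

def audit(chain, portfw):
    """Return (accepted but not forwarded, forwarded but not accepted)."""
    acc, fwd = accepted_ports(chain), forwarded_ports(portfw)
    return sorted(acc - fwd), sorted(fwd - acc)

if __name__ == "__main__":
    no_forward, no_accept = audit(OUTSIDE_ACCEPTS, PORTFW_TABLE)
    print("accepted, no forward:", no_forward, "| forwarded, no ACCEPT:", no_accept)
```

Run against the listings as posted, it reports tcp/1433 and tcp/1556 as accepted by the outside chain with no matching forward entry; the posted listings may be incomplete.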