Hi to all,
I'm not a Astaro user but, we have a customer that has it. The model is the 320.
We installed a machine at customer's company and we need to reach an appliance (router) that is on that machine. The router has configure on the LAN of the customer, below all the details:
Our public IP 217.***.***.138
Customer's public IP 46.***.***.2 (Astaro IP wan interface)
router WAN on the machine:
IP: 192.168.154.21 (LAN customer IP class)
Subnet: 255.255.255.0
Gateway: 192.168.154.5 (Astaro IP lan interface)
Dns: 192.168.151.81
router LAN on the machine:
IP 192.168.1.254
subnet: 255.255.255.0
all ports should be open
Can you tell me which configurations the customer should do to permit the access?
From a suggestion that I found in other thread, I did the below configuration. It's right?:
Traffic Source: 217.26.90.138/32
Traffic Service: Any
Traffic Destination: External (WAN) (Address) built-in definition object (Icon looks like a NIC)
NAT Mode: DNAT
Destination 192.168.154.21 (internal natted LAN address of web server)
Destination Service: Leave blank
Log initial packets: yes
Automatic packet filter rule: yes
By only this rule, I'll be able to reach the router and establish an ipsec VPN between the router a our PC. We need this for reach the appliances on the IP class of the machine (192.168.1.x).
Unfortunately the customer is not very skilled and I'm trying to help him.
Thank you for your answer.
Stefano.
I'm not a Astaro user but, we have a customer that has it. The model is the 320.
We installed a machine at customer's company and we need to reach an appliance (router) that is on that machine. The router has configure on the LAN of the customer, below all the details:
Our public IP 217.***.***.138
Customer's public IP 46.***.***.2 (Astaro IP wan interface)
router WAN on the machine:
IP: 192.168.154.21 (LAN customer IP class)
Subnet: 255.255.255.0
Gateway: 192.168.154.5 (Astaro IP lan interface)
Dns: 192.168.151.81
router LAN on the machine:
IP 192.168.1.254
subnet: 255.255.255.0
all ports should be open
Can you tell me which configurations the customer should do to permit the access?
From a suggestion that I found in other thread, I did the below configuration. It's right?:
Traffic Source: 217.26.90.138/32
Traffic Service: Any
Traffic Destination: External (WAN) (Address) built-in definition object (Icon looks like a NIC)
NAT Mode: DNAT
Destination 192.168.154.21 (internal natted LAN address of web server)
Destination Service: Leave blank
Log initial packets: yes
Automatic packet filter rule: yes
By only this rule, I'll be able to reach the router and establish an ipsec VPN between the router a our PC. We need this for reach the appliances on the IP class of the machine (192.168.1.x).
Unfortunately the customer is not very skilled and I'm trying to help him.
Thank you for your answer.
Stefano.