Hi all,
I'm running an astaro UTM9/Firmware version: 9.004-33 and am having a problem since yesterday. Changes were adding SSL remote access for some smartphones which is perfectly working. But now I saw that my local webserver cannot be reached anymore from outside.
I have a single DNAT-Rule to forward extern port 5001 to my local web server like that:
Rule #1
Under Network Protection/NAT/NAT:
Rule Type: DNAT
Matching Condition
For Traffic from: Any
Going to: external
Using Service: 5001/TCP
Action
Change the destination to: local IP (sth. like 192.168.0.55)
and the service to: HTTP
Automatic Firewall rule: checked
There must be a side effect or something else which blocks that traffic. Adding a rule like this and enabling both of them works:
Rule #2
Under Network Protection/NAT/NAT:
Rule Type: DNAT
Matching Condition
For Traffic from: Any
Going to: external
Using Service: HTTP
Action
Change the destination to: local IP (sth. like 192.168.0.55)
Automatic Firewall rule: checked
So Rule #1 alone doesn't work (no access with external port 5001), but Rule #2 does (acces with standard HTTP-Port 80).
If I enable both rules access is possible with external port 5001 OR 80.
So where is the error?
Thanks for your help.
I'm running an astaro UTM9/Firmware version: 9.004-33 and am having a problem since yesterday. Changes were adding SSL remote access for some smartphones which is perfectly working. But now I saw that my local webserver cannot be reached anymore from outside.
I have a single DNAT-Rule to forward extern port 5001 to my local web server like that:
Rule #1
Under Network Protection/NAT/NAT:
Rule Type: DNAT
Matching Condition
For Traffic from: Any
Going to: external
Using Service: 5001/TCP
Action
Change the destination to: local IP (sth. like 192.168.0.55)
and the service to: HTTP
Automatic Firewall rule: checked
There must be a side effect or something else which blocks that traffic. Adding a rule like this and enabling both of them works:
Rule #2
Under Network Protection/NAT/NAT:
Rule Type: DNAT
Matching Condition
For Traffic from: Any
Going to: external
Using Service: HTTP
Action
Change the destination to: local IP (sth. like 192.168.0.55)
Automatic Firewall rule: checked
So Rule #1 alone doesn't work (no access with external port 5001), but Rule #2 does (acces with standard HTTP-Port 80).
If I enable both rules access is possible with external port 5001 OR 80.
So where is the error?
Thanks for your help.