vpn50 dmz

Options
paolob
paolob Posts: 2
edited July 2021 in Security
Good morning
i bought a VPN50 and connected the WAN to the internet and the
DMZ to the apache server, I created the NAT between WAN w DMZ,
but when I go to see the apache server logs, the external IP addresses
are not passed I only see that the request comes from the gateway of
the DMZ, how should I pass the external IPs to the DMZ network so that
apache records them in the log? thank you

All Replies

  • PeterUK
    PeterUK Posts: 2,757  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited July 2021
    Options

    Do you have a WAN subnet? Or one WAN IP?

    You can bridge WAN and DMZ to pass the external IP or if you have a subnet you need to setup DMZ with your WAN subnet so that the apache server can get the WAN IP then you need a routing rule so that you don't NAT from one WAN IP.

    if you have one WAN IP and want the WAN IP on the apache server and still do NAT you can do this.

    Real DMZ with NAT ZyWALL USG — Zyxel Community


  • paolob
    paolob Posts: 2
    Options

    MY SITUATION I THIS

  • PeterUK
    PeterUK Posts: 2,757  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited July 2021
    Options

    If your looking to port forward you can do this in network > NAT for Virtual Server ports 443, 80 to 192.168.3.2

    If your not seeing source IP's to your apache server you likely have a SNAT routing doing this.

Security Highlight