Trying to connect to an externally accessible address from inside the network...
Hi, my setup is as follows:
I have 2 servers with two internal IP addresses, 192.168.1.10 and 192.168.1.11, and I can connect to them via the browser when I am within the network.
I have a domain name of the type cloud.nova.com that connects to these two servers through two external ports (2443, 3443).
Those two external ports are redirected to the two respective IP addresses with 443 as internal ports for both.
When I try to connect from outside the network:
https://server.nova.com:2443
https://server.nova.com:3443
I have no problem accessing the servers.
However, when I am inside the network and I try to connect to those same addresses, it doesn't work!
The only way I can connect from inside the network is
https://192.168.1.10
https://192.168.1.11
How do I go about this, what do I need to configure on my VPN100 to make this work using the external addresses?
I know there is a way because prior to purchasing the VPN100, we were using another brand firewall and it was working perfectly.
Please help and TIA.
0
All Replies
-
@asu
Regarding your request,
you need to create the DDNS and NAT profiles with disable NAT loopback.
Charlie
0 -
Sorry, maybe I wasn't very clear. I am able to perfectly connect to the internal servers using port forwarding configured through NAT when I am outside of the network.
When I am within the network, however, it doesn't work. How can I resolve this so that using the exact same address as I do when I'm outside the network in which the firewall is based works?
TIA
0 -
I think you need NAT Loopback enabled.
It might not matter, but are you using the same External as Internal port mapping?
Also, for NAT rule making for External IP, it's best to use an INTERFACE IP of the WAN.
0 -
Been trying NAT loopback and it turns out you need to make a firewall rule like this:
from LAN1
to LAN1
Service port
and does work if External port is not the same as Internal port
0 -
Never mind, I found it myself:
-> Add an IPV4 rule where you enter the public IP address
-> Go to the NAT section and edit the redirects so that the "from" field is changed from "any" (my default setting) to the name I gave to the IPV4 rule.
-> Tick the loopback check box
Now it works perfectly!
0