ATP 100 doesn't forward ports

Options
october_web
october_web Posts: 7
Friend Collector
in Security
Hello, everyone,
on an APT 100, I configured the NAT rules, policy control, in the log I see that an access forward was performed, but I can't reach my web server at port 80.
If I try to reach my web server internally it works.

Accepted Solution

  • mMontana
    mMontana Posts: 1,300  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options
    Your windows installation have only 1 gateway, currently FreeBSD.
    Windows receives packets from ATP100 (at least, should) but it will ask to FreeBSD (and not to ATP 100) to deliver answers, according to the network configuration.
«1

All Replies

  • mMontana
    mMontana Posts: 1,300  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Does your webserver allows access outside the local network segment?
  • october_web
    october_web Posts: 7
    Friend Collector
    Options
    Yes, because it is already externally accessible from another wan 
  • mMontana
    mMontana Posts: 1,300  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Do you have two routers/Firewall?
    The ATP100 and the "another wan"?
  • PeterUK
    PeterUK Posts: 2,709  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited August 2022
    Options
    Does the APT 100 on the WAN have the WAN IP?

    Do a port scan to 80
    GRC | Port Authority, for Internet Port 80
  • Zyxel_Kevin
    Zyxel_Kevin Posts: 754  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Hi @october_web,
    Have you enabled "NAT loopback" ? 

    In order to clarify issue, Please kindly provide the topology with IP address. 
    Thank you
    Kevin
  • october_web
    october_web Posts: 7
    Friend Collector
    Options
    So,
    I have two Public IP and two Firewalls
    I did a scan, but port 80 does not appear to be open.
    Enable NAT Lookup is enabled.

    The public IP is 109.238.24.174


  • mMontana
    mMontana Posts: 1,300  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    mMontana said:
    Do you have two routers/Firewall?
    The ATP100 and the "another wan"?
    Would you please, @october_web, tell me if you have two devices for WAN connection (the ATP 100 and another device)?
  • Zyxel_Kevin
    Zyxel_Kevin Posts: 754  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Hi @october_web,
    1) Did you have another device on the WAN side ?
    2) Could you capture the LAN/WAN side packet  ?
    3) Please check internal server have port listened.
    Or we can have remote session for quikly check . Thank you
    Kevin

  • october_web
    october_web Posts: 7
    Friend Collector
    Options
    mMontana said:
    mMontana said:
    Do you have two routers/Firewall?
    The ATP100 and the "another wan"?
    Would you please, @october_web, tell me if you have two devices for WAN connection (the ATP 100 and another device)?
    yes
  • october_web
    october_web Posts: 7
    Friend Collector
    edited August 2022
    Options
    Zyxel_Kevin said:
    Hi @october_web,
    1) Did you have another device on the WAN side ? - NO
    2) Could you capture the LAN/WAN side packet  ? - how can I do it?
    3) Please check internal server have port listened. - port is listening
    Or we can have remote session for quikly check . Thank you
    Kevin

    I'm on holiday now, if I can't solve it when I get back. Thanks

Categories

Security Highlight


Read more

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)