ATP 100 doesn't forward ports
Options
![october_web](https://us.v-cdn.net/6029482/uploads/avatarstock/nQ3TX84RRUVK1.png)
october_web
Posts: 7
![Friend Collector](https://us.v-cdn.net/6029482/uploads/badges/HNJASEUSC535.png)
in Security
Hello, everyone,
on an APT 100, I configured the NAT rules, policy control, in the log I see that an access forward was performed, but I can't reach my web server at port 80.
If I try to reach my web server internally it works.
0
Accepted Solution
-
Your windows installation have only 1 gateway, currently FreeBSD.Windows receives packets from ATP100 (at least, should) but it will ask to FreeBSD (and not to ATP 100) to deliver answers, according to the network configuration.1
All Replies
-
Does your webserver allows access outside the local network segment?
1 -
Yes, because it is already externally accessible from another wan
0 -
Do you have two routers/Firewall?The ATP100 and the "another wan"?0
-
Does the APT 100 on the WAN have the WAN IP?
Do a port scan to 80
GRC | Port Authority, for Internet Port 80
0 -
Hi @october_web,
Have you enabled "NAT loopback" ?
In order to clarify issue, Please kindly provide the topology with IP address.
Thank you
KevinShare yours now!
Kevin
0 -
So,I have two Public IP and two FirewallsI did a scan, but port 80 does not appear to be open.Enable NAT Lookup is enabled.
The public IP is 109.238.24.174
0 -
mMontana said:Do you have two routers/Firewall?The ATP100 and the "another wan"?0
-
Hi @october_web,
1) Did you have another device on the WAN side ?
2) Could you capture the LAN/WAN side packet ?
3) Please check internal server have port listened.
Or we can have remote session for quikly check . Thank you
Kevin
Share yours now!
Kevin
0 -
mMontana said:mMontana said:Do you have two routers/Firewall?The ATP100 and the "another wan"?0
-
Zyxel_Kevin said:Hi @october_web,
1) Did you have another device on the WAN side ? - NO
2) Could you capture the LAN/WAN side packet ? - how can I do it?
3) Please check internal server have port listened. - port is listening
Or we can have remote session for quikly check . Thank you
Kevin
I'm on holiday now, if I can't solve it when I get back. Thanks0
Categories
- All Categories
- 413 Beta Program
- 2.3K Nebula
- 192 Nebula Ideas
- 87 Nebula Status and Incidents
- 5.3K Security
- 142 USG FLEX H Series
- 253 Security Ideas
- 1.3K Switch
- 75 Switch Ideas
- 993 Wireless
- 51 Wireless Ideas
- 6.1K Consumer Product
- 231 Service & License
- 362 News and Release
- 74 Security Advisories
- 23 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 101 About Community
- 67 Security Highlight