BM with 2 public NICs and 1 private NIC

[glio]

I've set up a BM3.8sp2a on NW65with 2 public interfaces (A & B) and 1 private interface (C). A is the NIC with slower connection but binds to a bunch of public IPs that are NATed to the internal servers. B has a faster connection and is used as default route. Things are fine without IPFLT.

Let's say I want to connect to an internal server (Internal IP: W.X.Y.Z) from the Internet thru the NAT on NIC A... To do this, I set up two rules:

1. Inbound requests to the Telnet server:
Src interface: A
Dest interface: C
Port: Telnet
Src Addr: Any
Dest Addr: W.X.Y.Z

2. Outbound responses from the Telnet server:
Src interface: C
Dest interface: A
Port: Telnet
Src Addr: W.X.Y.Z
Dest Addr: Any

.... and needless to say, the rules don't work at all!

Can someone please correct me? What else do I need?

Jimmy

 

[Lou0686]

Hi,

This think will probably help.

http://support.novell.com/cgi-bin/search/searchtid.cgi?/10018659.htm

The filter debug should allow you to see what's going on.

Lou

 

[marvhuffaker]

I believe that the problem is in the Destination interface. In your first configuration, you list 'A' as your source, and 'C' as your destination. But 'C' is not technically your destination if it is coming from the outside. 'A' should be your destination and then the NAT translation should take it to 'C'.

Also, I believe that the same applies to your destination ip address. Again, the internal IP address is not what you want in your filter -- how would an outside address know what your internal address is?

Take off the destination restrictions and see if packets come through that way, then try and restrict it little by little until you get the right combination.


Marvin Huffaker MCNE, CNE
Marvin Huffaker Consulting

http://www.redjuju.com