|
Dear all
Hi
I use IPNAT fot natting invalid addresses
of my test network to a valid address , every thing is ok except Yahoo
messenger's voice service .
My network topology is as below :
Invalid Network (172.16.8.0/21)
<-----------------> Nat &
Filtering machine <--------------->
Internet
My natiing rules are as below :
map fxp1 172.16.8.0/21 -> 0/32 proxy port ftp
ftp/tcp
map fxp1 172.16.8.0/21 -> 0/32 proxy port 7070 raudio/tcp map fxp1 172.16.8.0/21 -> 0/32 portmap tcp/udp 2000:65000 map fxp1 172.16.8.0/21 -> 0/32 And also my active filtering rule set is
as below :
block in quick proto tcp from any to
0.0.0.0/0.0.0.255 port = 80
block in quick proto tcp from 0.0.0.0/0.0.0.255 port = 80 to any block in quick proto tcp from any port = 80 to 0.0.0.0/0.0.0.255 block in quick proto tcp from 0.0.0.0/0.0.0.255 to any port = 80 # block in quick proto tcp from any to 0.0.0.0/0.0.0.255 port = 25 block in quick proto tcp from 0.0.0.0/0.0.0.255 port = 25 to any block in quick proto tcp from any port = 25 to 0.0.0.0/0.0.0.255 block in quick proto tcp from 0.0.0.0/0.0.0.255 to any port = 25 # pass in quick on fxp0 from 172.16.8.0/21 to
any
pass in quick on fxp0 from 172.16.3.0/24 to any block in quick on fxp0 from any to any block in quick on fxp1 from 172.16.8.0/21 to any block in quick on fxp1 from 172.16.3.0/24 to any # pass in all pass out all Please if it is possible, let me know how do I
can solve this problem .
Special thanx for you help .
Best hopes
Kh. Nejadkoorki
|
