Hello IpfList.
This is my first time writing to this list. Yesterday I subscribed and I
haven't gotten any mail since yesterday. So this will also be a check
if I'm 'online' with this ipflist.
I'm from Austria near Vienna and I'm usually a programmer for this
company. Now I had to make a connection from the extranet
to the intranet via a gateway to run a script for a backup to
a winxp-Box sitting behind in priv-lan 192.168.1.0
My net looks like:
ISP
|
v
my bay_router nic 213.47.208.161
|
v
www-server nic 213.47.208.162 with ipf-firewall
|
v
ext_if 213.47.208.168
Gateway with ipf-firewall
int_if 192.168.1.1
|
v
winxp-Box nic 192.168.1.91
What I tried:
1.) I shut down all ipf-firewalls and tried a ping from www-server to
the winxp-box - was ok and ping from winxp-box to www-server was also ok.
2.) I ran from www-server: route -n add 192.168.1.91/32 213.47.208.168 and
afterwards:
mount_smbfs 192.168.1.91 //[EMAIL PROTECTED]/sharedir /usr/mountpoint
error: Operation time out (I guess, due to missing rdr on the gateway?)
3.) I ran the same from Gateway and it was ok, sharedir was mounted.
(syntax check)
4.) start ipf-firewall on Gateway and put these rules on top
pass in quick proto tcp from any to any port = 445 keep state
pass out quick proto tcp from any to any port = 445 keep state
pass in quick proto tcp from any to any port = 139 keep state
pass out quick proto tcp from any to any port = 139 keep state
and in ipnat.conf
rdr ep0 0.0.0.0/0 port 445 -> 192.168.1.91 port 445
rdr ep0 0.0.0.0/0 port 139 -> 192.168.1.91 port 139
run again on www-server: mount_smbfs ..... after a short time
error: Operation time out ?????
Of course I tried many other rule settings with no success, so I hope some
of you can give me a hint what I'm doing wrong.
Tia
Ron
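
Added example, not part of Ron's message and not a diagnosis of the timeout: the four pass rules in step 4 admit SMB (445/139) from any source on every interface of the Gateway. A narrower ipf.conf form for the stated use case (only www-server 213.47.208.162 reaching the share on 192.168.1.91) is sketched below; it assumes ep0 is the Gateway's external interface, and it relies on ipf applying rdr before inbound filtering, so the filter sees the translated destination address.

```conf
# ipf.conf on the Gateway (added example; ep0 as the external interface is an assumption)

# Weak form from the message: any source, any destination, any interface.
#   pass in quick proto tcp from any to any port = 445 keep state

# Narrowed form: only the www-server may open SMB sessions to the winxp-Box.
# rdr in ipnat.conf rewrites the destination before these rules are evaluated,
# so the inbound rule matches the internal address 192.168.1.91.
pass in quick on ep0 proto tcp from 213.47.208.162 to 192.168.1.91 port = 445 keep state
pass in quick on ep0 proto tcp from 213.47.208.162 to 192.168.1.91 port = 139 keep state

# Forwarded copy of the same connection leaving toward the LAN.
pass out quick proto tcp from 213.47.208.162 to 192.168.1.91 port = 445 keep state
pass out quick proto tcp from 213.47.208.162 to 192.168.1.91 port = 139 keep state

# Everything else aimed at the SMB ports from outside is dropped and logged.
block in log quick on ep0 proto tcp from any to any port = 445
block in log quick on ep0 proto tcp from any to any port = 139
```

The logged blocks show up in ipmon output, which makes it visible when hosts other than the www-server probe the redirected ports.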