Re: [Vyatta-users] Starting to get really frustrated... GRRR :D
Here's what I use to port-forward ssh; just adjust for address (where
destination address is the public IP) and change it to http.
rule 2 {
type: "destination"
inbound-interface: "eth0"
protocols: "tcp"
source {
network: 0.0.0.0/0
}
destination {
address: 1.2.3.4
port-name ssh
}
inside-address {
address: 10.0.0.30
}
}
Best,
Justin
On Jan 29, 2008 7:46 AM, Nathan McBride <[EMAIL PROTECTED]> wrote:
> Can someone please help me get this worked out?
> Nate
>
>
> > Ok these are my nat rules now, I didn't see a command to change the rule
> > numbers so i just redid them all by hand. It still doesn't work.
> >
> > rule 1 {
> > type: "destination"
> > inbound-interface: "eth0"
> > protocols: "tcp"
> > destination {
> > address: "71.62.193.105"
> > port-name http
> > }
> > inside-address {
> > address: 192.168.0.105
> > }
> > }
> > rule 2 {
> > type: "masquerade"
> > outbound-interface: "eth0"
> > protocols: "all"
> > source {
> > network: "192.168.0.0/24"
> > }
> > destination {
> > network: "0.0.0.0/0"
> > }
> > }
> > rule 3 {
> > type: "masquerade"
> > outbound-interface: "eth0"
> > protocols: "all"
> > source {
> > network: "192.168.1.0/24"
> > }
> > destination {
> > network: "0.0.0.0/0"
> > }
> > }
> >
> > Nate
> >
> > On Mon, 2008-01-28 at 21:39 -0800, An-Cheng Huang wrote:
> > > Hi Nate,
> > >
> > > The "inside-address" is the internal (private) IP address of your Web
> > > server, which in your case is 192.168.0.105. The "destination address"
> > > should actually be the public IP address that outside clients will use to
> > > access your server, so usually this is the public IP address of your
> > > router.
> > >
> > > An-Cheng
> > >
> > > Nathan McBride wrote:
> > > > I went and looked at the old docs. I thought I set them up correctly
> > > > but aparently I didn't. I'll im trying to do is to get people on the
> > > > internet to view the website on my comp (192.168.0.105). The only
> > > > difference that i noticed when I tried to commit the example in the old
> > > > docs was that vc3 requires an 'inside-address'. Could someone please
> > > > help me correct this to get it working?
> > > >
> > > > rule 3 {
> > > > type: "destination"
> > > > inbound-interface: "eth0"
> > > > protocols: "tcp"
> > > > destination {
> > > > address: "192.168.0.105"
> > > > port-name http
> > > > }
> > > > inside-address {
> > > > address: 192.168.0.105 <-- didn't know what to put here
> > > > exactly...
> > > > }
> > > > }
> > > >
> >
> > ___
> > Vyatta-users mailing list
> > Vyatta-users@mailman.vyatta.com
> > http://mailman.vyatta.com/mailman/listinfo/vyatta-users
>
> ___
> Vyatta-users mailing list
> Vyatta-users@mailman.vyatta.com
> http://mailman.vyatta.com/mailman/listinfo/vyatta-users
>
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Starting to get really frustrated... GRRR :D
Can someone please help me get this worked out?
Nate
> Ok these are my nat rules now, I didn't see a command to change the rule
> numbers so i just redid them all by hand. It still doesn't work.
>
> rule 1 {
> type: "destination"
> inbound-interface: "eth0"
> protocols: "tcp"
> destination {
> address: "71.62.193.105"
> port-name http
> }
> inside-address {
> address: 192.168.0.105
> }
> }
> rule 2 {
> type: "masquerade"
> outbound-interface: "eth0"
> protocols: "all"
> source {
> network: "192.168.0.0/24"
> }
> destination {
> network: "0.0.0.0/0"
> }
> }
> rule 3 {
> type: "masquerade"
> outbound-interface: "eth0"
> protocols: "all"
> source {
> network: "192.168.1.0/24"
> }
> destination {
> network: "0.0.0.0/0"
> }
> }
>
> Nate
>
> On Mon, 2008-01-28 at 21:39 -0800, An-Cheng Huang wrote:
> > Hi Nate,
> >
> > The "inside-address" is the internal (private) IP address of your Web
> > server, which in your case is 192.168.0.105. The "destination address"
> > should actually be the public IP address that outside clients will use to
> > access your server, so usually this is the public IP address of your router.
> >
> > An-Cheng
> >
> > Nathan McBride wrote:
> > > I went and looked at the old docs. I thought I set them up correctly
> > > but aparently I didn't. I'll im trying to do is to get people on the
> > > internet to view the website on my comp (192.168.0.105). The only
> > > difference that i noticed when I tried to commit the example in the old
> > > docs was that vc3 requires an 'inside-address'. Could someone please
> > > help me correct this to get it working?
> > >
> > > rule 3 {
> > > type: "destination"
> > > inbound-interface: "eth0"
> > > protocols: "tcp"
> > > destination {
> > > address: "192.168.0.105"
> > > port-name http
> > > }
> > > inside-address {
> > > address: 192.168.0.105 <-- didn't know what to put here
> > > exactly...
> > > }
> > > }
> > >
>
> ___
> Vyatta-users mailing list
> Vyatta-users@mailman.vyatta.com
> http://mailman.vyatta.com/mailman/listinfo/vyatta-users
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Starting to get really frustrated... GRRR :D
Ok these are my nat rules now, I didn't see a command to change the rule
numbers so i just redid them all by hand. It still doesn't work.
rule 1 {
type: "destination"
inbound-interface: "eth0"
protocols: "tcp"
destination {
address: "71.62.193.105"
port-name http
}
inside-address {
address: 192.168.0.105
}
}
rule 2 {
type: "masquerade"
outbound-interface: "eth0"
protocols: "all"
source {
network: "192.168.0.0/24"
}
destination {
network: "0.0.0.0/0"
}
}
rule 3 {
type: "masquerade"
outbound-interface: "eth0"
protocols: "all"
source {
network: "192.168.1.0/24"
}
destination {
network: "0.0.0.0/0"
}
}
Nate
On Mon, 2008-01-28 at 21:39 -0800, An-Cheng Huang wrote:
> Hi Nate,
>
> The "inside-address" is the internal (private) IP address of your Web server,
> which in your case is 192.168.0.105. The "destination address" should
> actually be the public IP address that outside clients will use to access
> your server, so usually this is the public IP address of your router.
>
> An-Cheng
>
> Nathan McBride wrote:
> > I went and looked at the old docs. I thought I set them up correctly
> > but aparently I didn't. I'll im trying to do is to get people on the
> > internet to view the website on my comp (192.168.0.105). The only
> > difference that i noticed when I tried to commit the example in the old
> > docs was that vc3 requires an 'inside-address'. Could someone please
> > help me correct this to get it working?
> >
> > rule 3 {
> > type: "destination"
> > inbound-interface: "eth0"
> > protocols: "tcp"
> > destination {
> > address: "192.168.0.105"
> > port-name http
> > }
> > inside-address {
> > address: 192.168.0.105 <-- didn't know what to put here
> > exactly...
> > }
> > }
> >
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Starting to get really frustrated... GRRR :D
Ok still having issues, these are my nat rules:
eth0 is wan
192.168.0.0 is first subnet where server resides
192.168.1.0 is wifi subnet doesn't matter in this case
Thanks everyone.
Nate
rule 1 {
type: "masquerade"
outbound-interface: "eth0"
protocols: "all"
source {
network: "192.168.0.0/24"
}
destination {
network: "0.0.0.0/0"
}
}
rule 2 {
type: "masquerade"
outbound-interface: "eth0"
protocols: "all"
source {
network: "192.168.1.0/24"
}
destination {
network: "0.0.0.0/0"
}
}
rule 3 {
type: "destination"
inbound-interface: "eth0"
protocols: "tcp"
destination {
address: "71.62.193.105"
port-name http
}
inside-address {
address: 192.168.0.105
}
}
On Mon, 2008-01-28 at 21:39 -0800, An-Cheng Huang wrote:
> Hi Nate,
>
> The "inside-address" is the internal (private) IP address of your Web server,
> which in your case is 192.168.0.105. The "destination address" should
> actually be the public IP address that outside clients will use to access
> your server, so usually this is the public IP address of your router.
>
> An-Cheng
>
> Nathan McBride wrote:
> > I went and looked at the old docs. I thought I set them up correctly
> > but aparently I didn't. I'll im trying to do is to get people on the
> > internet to view the website on my comp (192.168.0.105). The only
> > difference that i noticed when I tried to commit the example in the old
> > docs was that vc3 requires an 'inside-address'. Could someone please
> > help me correct this to get it working?
> >
> > rule 3 {
> > type: "destination"
> > inbound-interface: "eth0"
> > protocols: "tcp"
> > destination {
> > address: "192.168.0.105"
> > port-name http
> > }
> > inside-address {
> > address: 192.168.0.105 <-- didn't know what to put here
> > exactly...
> > }
> > }
> >
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Starting to get really frustrated... GRRR :D
Hi Nate,
The "inside-address" is the internal (private) IP address of your Web server,
which in your case is 192.168.0.105. The "destination address" should actually
be the public IP address that outside clients will use to access your server,
so usually this is the public IP address of your router.
An-Cheng
Nathan McBride wrote:
> I went and looked at the old docs. I thought I set them up correctly
> but aparently I didn't. I'll im trying to do is to get people on the
> internet to view the website on my comp (192.168.0.105). The only
> difference that i noticed when I tried to commit the example in the old
> docs was that vc3 requires an 'inside-address'. Could someone please
> help me correct this to get it working?
>
> rule 3 {
> type: "destination"
> inbound-interface: "eth0"
> protocols: "tcp"
> destination {
> address: "192.168.0.105"
> port-name http
> }
> inside-address {
> address: 192.168.0.105 <-- didn't know what to put here
> exactly...
> }
> }
>
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
[Vyatta-users] Starting to get really frustrated... GRRR :D
I went and looked at the old docs. I thought I set them up correctly
but aparently I didn't. I'll im trying to do is to get people on the
internet to view the website on my comp (192.168.0.105). The only
difference that i noticed when I tried to commit the example in the old
docs was that vc3 requires an 'inside-address'. Could someone please
help me correct this to get it working?
rule 3 {
type: "destination"
inbound-interface: "eth0"
protocols: "tcp"
destination {
address: "192.168.0.105"
port-name http
}
inside-address {
address: 192.168.0.105 <-- didn't know what to put here
exactly...
}
}
What do I need to do?
Thanks,
Nate
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
