Re: [Vyatta-users] Starting to get really frustrated... GRRR :D
Here's what I use to port-forward ssh; just adjust for address (where destination address is the public IP) and change it to http. rule 2 { type: "destination" inbound-interface: "eth0" protocols: "tcp" source { network: 0.0.0.0/0 } destination { address: 1.2.3.4 port-name ssh } inside-address { address: 10.0.0.30 } } Best, Justin On Jan 29, 2008 7:46 AM, Nathan McBride <[EMAIL PROTECTED]> wrote: > Can someone please help me get this worked out? > Nate > > > > Ok these are my nat rules now, I didn't see a command to change the rule > > numbers so i just redid them all by hand. It still doesn't work. > > > > rule 1 { > > type: "destination" > > inbound-interface: "eth0" > > protocols: "tcp" > > destination { > > address: "71.62.193.105" > > port-name http > > } > > inside-address { > > address: 192.168.0.105 > > } > > } > > rule 2 { > > type: "masquerade" > > outbound-interface: "eth0" > > protocols: "all" > > source { > > network: "192.168.0.0/24" > > } > > destination { > > network: "0.0.0.0/0" > > } > > } > > rule 3 { > > type: "masquerade" > > outbound-interface: "eth0" > > protocols: "all" > > source { > > network: "192.168.1.0/24" > > } > > destination { > > network: "0.0.0.0/0" > > } > > } > > > > Nate > > > > On Mon, 2008-01-28 at 21:39 -0800, An-Cheng Huang wrote: > > > Hi Nate, > > > > > > The "inside-address" is the internal (private) IP address of your Web > > > server, which in your case is 192.168.0.105. The "destination address" > > > should actually be the public IP address that outside clients will use to > > > access your server, so usually this is the public IP address of your > > > router. > > > > > > An-Cheng > > > > > > Nathan McBride wrote: > > > > I went and looked at the old docs. I thought I set them up correctly > > > > but aparently I didn't. I'll im trying to do is to get people on the > > > > internet to view the website on my comp (192.168.0.105). The only > > > > difference that i noticed when I tried to commit the example in the old > > > > docs was that vc3 requires an 'inside-address'. Could someone please > > > > help me correct this to get it working? > > > > > > > > rule 3 { > > > > type: "destination" > > > > inbound-interface: "eth0" > > > > protocols: "tcp" > > > > destination { > > > > address: "192.168.0.105" > > > > port-name http > > > > } > > > > inside-address { > > > > address: 192.168.0.105 <-- didn't know what to put here > > > > exactly... > > > > } > > > > } > > > > > > > > ___ > > Vyatta-users mailing list > > Vyatta-users@mailman.vyatta.com > > http://mailman.vyatta.com/mailman/listinfo/vyatta-users > > ___ > Vyatta-users mailing list > Vyatta-users@mailman.vyatta.com > http://mailman.vyatta.com/mailman/listinfo/vyatta-users > ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Starting to get really frustrated... GRRR :D
Can someone please help me get this worked out? Nate > Ok these are my nat rules now, I didn't see a command to change the rule > numbers so i just redid them all by hand. It still doesn't work. > > rule 1 { > type: "destination" > inbound-interface: "eth0" > protocols: "tcp" > destination { > address: "71.62.193.105" > port-name http > } > inside-address { > address: 192.168.0.105 > } > } > rule 2 { > type: "masquerade" > outbound-interface: "eth0" > protocols: "all" > source { > network: "192.168.0.0/24" > } > destination { > network: "0.0.0.0/0" > } > } > rule 3 { > type: "masquerade" > outbound-interface: "eth0" > protocols: "all" > source { > network: "192.168.1.0/24" > } > destination { > network: "0.0.0.0/0" > } > } > > Nate > > On Mon, 2008-01-28 at 21:39 -0800, An-Cheng Huang wrote: > > Hi Nate, > > > > The "inside-address" is the internal (private) IP address of your Web > > server, which in your case is 192.168.0.105. The "destination address" > > should actually be the public IP address that outside clients will use to > > access your server, so usually this is the public IP address of your router. > > > > An-Cheng > > > > Nathan McBride wrote: > > > I went and looked at the old docs. I thought I set them up correctly > > > but aparently I didn't. I'll im trying to do is to get people on the > > > internet to view the website on my comp (192.168.0.105). The only > > > difference that i noticed when I tried to commit the example in the old > > > docs was that vc3 requires an 'inside-address'. Could someone please > > > help me correct this to get it working? > > > > > > rule 3 { > > > type: "destination" > > > inbound-interface: "eth0" > > > protocols: "tcp" > > > destination { > > > address: "192.168.0.105" > > > port-name http > > > } > > > inside-address { > > > address: 192.168.0.105 <-- didn't know what to put here > > > exactly... > > > } > > > } > > > > > ___ > Vyatta-users mailing list > Vyatta-users@mailman.vyatta.com > http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Starting to get really frustrated... GRRR :D
Ok these are my nat rules now, I didn't see a command to change the rule numbers so i just redid them all by hand. It still doesn't work. rule 1 { type: "destination" inbound-interface: "eth0" protocols: "tcp" destination { address: "71.62.193.105" port-name http } inside-address { address: 192.168.0.105 } } rule 2 { type: "masquerade" outbound-interface: "eth0" protocols: "all" source { network: "192.168.0.0/24" } destination { network: "0.0.0.0/0" } } rule 3 { type: "masquerade" outbound-interface: "eth0" protocols: "all" source { network: "192.168.1.0/24" } destination { network: "0.0.0.0/0" } } Nate On Mon, 2008-01-28 at 21:39 -0800, An-Cheng Huang wrote: > Hi Nate, > > The "inside-address" is the internal (private) IP address of your Web server, > which in your case is 192.168.0.105. The "destination address" should > actually be the public IP address that outside clients will use to access > your server, so usually this is the public IP address of your router. > > An-Cheng > > Nathan McBride wrote: > > I went and looked at the old docs. I thought I set them up correctly > > but aparently I didn't. I'll im trying to do is to get people on the > > internet to view the website on my comp (192.168.0.105). The only > > difference that i noticed when I tried to commit the example in the old > > docs was that vc3 requires an 'inside-address'. Could someone please > > help me correct this to get it working? > > > > rule 3 { > > type: "destination" > > inbound-interface: "eth0" > > protocols: "tcp" > > destination { > > address: "192.168.0.105" > > port-name http > > } > > inside-address { > > address: 192.168.0.105 <-- didn't know what to put here > > exactly... > > } > > } > > ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Starting to get really frustrated... GRRR :D
Ok still having issues, these are my nat rules: eth0 is wan 192.168.0.0 is first subnet where server resides 192.168.1.0 is wifi subnet doesn't matter in this case Thanks everyone. Nate rule 1 { type: "masquerade" outbound-interface: "eth0" protocols: "all" source { network: "192.168.0.0/24" } destination { network: "0.0.0.0/0" } } rule 2 { type: "masquerade" outbound-interface: "eth0" protocols: "all" source { network: "192.168.1.0/24" } destination { network: "0.0.0.0/0" } } rule 3 { type: "destination" inbound-interface: "eth0" protocols: "tcp" destination { address: "71.62.193.105" port-name http } inside-address { address: 192.168.0.105 } } On Mon, 2008-01-28 at 21:39 -0800, An-Cheng Huang wrote: > Hi Nate, > > The "inside-address" is the internal (private) IP address of your Web server, > which in your case is 192.168.0.105. The "destination address" should > actually be the public IP address that outside clients will use to access > your server, so usually this is the public IP address of your router. > > An-Cheng > > Nathan McBride wrote: > > I went and looked at the old docs. I thought I set them up correctly > > but aparently I didn't. I'll im trying to do is to get people on the > > internet to view the website on my comp (192.168.0.105). The only > > difference that i noticed when I tried to commit the example in the old > > docs was that vc3 requires an 'inside-address'. Could someone please > > help me correct this to get it working? > > > > rule 3 { > > type: "destination" > > inbound-interface: "eth0" > > protocols: "tcp" > > destination { > > address: "192.168.0.105" > > port-name http > > } > > inside-address { > > address: 192.168.0.105 <-- didn't know what to put here > > exactly... > > } > > } > > ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Starting to get really frustrated... GRRR :D
Hi Nate, The "inside-address" is the internal (private) IP address of your Web server, which in your case is 192.168.0.105. The "destination address" should actually be the public IP address that outside clients will use to access your server, so usually this is the public IP address of your router. An-Cheng Nathan McBride wrote: > I went and looked at the old docs. I thought I set them up correctly > but aparently I didn't. I'll im trying to do is to get people on the > internet to view the website on my comp (192.168.0.105). The only > difference that i noticed when I tried to commit the example in the old > docs was that vc3 requires an 'inside-address'. Could someone please > help me correct this to get it working? > > rule 3 { > type: "destination" > inbound-interface: "eth0" > protocols: "tcp" > destination { > address: "192.168.0.105" > port-name http > } > inside-address { > address: 192.168.0.105 <-- didn't know what to put here > exactly... > } > } > ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
[Vyatta-users] Starting to get really frustrated... GRRR :D
I went and looked at the old docs. I thought I set them up correctly but aparently I didn't. I'll im trying to do is to get people on the internet to view the website on my comp (192.168.0.105). The only difference that i noticed when I tried to commit the example in the old docs was that vc3 requires an 'inside-address'. Could someone please help me correct this to get it working? rule 3 { type: "destination" inbound-interface: "eth0" protocols: "tcp" destination { address: "192.168.0.105" port-name http } inside-address { address: 192.168.0.105 <-- didn't know what to put here exactly... } } What do I need to do? Thanks, Nate ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users