The Graveyard - Products No Longer Supported > D-Link NetDefend Firewalls

nat hairpin/loopback/reflection

(1/2) > >>

bbain:
I have seen several references here to this, and 1 post that actually attempts to give some config examples, but no definitive answers.

I commissioned a dfl-260e yesterday, everything went well except for smartphone access to exchange from the internal lan.  Because of some quirks in the configuration that I inherited from a previous tech, the phones are all set up with the public IP (wanIP) as the server address to access the mail server.  This works fantastic outside the lan, but needs the nat loopback inside the lan.

I followed this http://forums.dlink.com/index.php?topic=7444.0 but something is missing as it does not work.

Thanks for any help you can provide.

FurryNutz:
Link>Welcome!


* What Hardware version is your DFL? Look at sticker under the DFL case.
* Link>What Firmware version is currently loaded? Found on the DFLs web page under status.
* What region are you located?

bbain:
HW rev is A I do believe (it is at a remote location and I can't put my eyes on it at the moment)

FW 10.21.02.01

I am in North America.

Rara Avis:
With the new UI, you can skip the whole 2 rules confusing process and just add one policy and hairpinning will "just work". If you survived the IP rule procedure it should be straight forward, just disable your old rules and a policy instead.

In case anyone needs to know the old process, the problem with hairpinning is that you either have to NAT the source address (and probably only want to do that for internally sourced traffic if any) or you will violate the IP Access rules.  This means you usually use three IP rules or play around with access rules.

bbain:
What is the source you have in there? Wan_lan?  I don't see that.  Is it a group of some sort? I tried using the WanIp and the LanIP and neither worked.

I have the phones working internally now using split horizon DNS but that breaks something else (but that issue is minor, I can live with it temporarily)

Navigation

[0] Message Index

[#] Next page

Go to full version