Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[adelme]

Hello,
First, sorry for my english but in french i don't think i'll get many answers....

Here is my config :

two ISP with fixed ip :
ISP1 (wan1) : XDSL modem, bridge mode, ip = 192.168.100.1 / 255.255.255.0, DHCP server
Used for Internet, SMTP server, FTP server, WEB server.
ISP2 (wan2) : Cable router, ip = 192.168.0.1 / 255.255.255.0
Used for microsoft RDP access (RDP port = 3389)
a 2003 server hosting RDP, exchange (SMTP) etc... This server is connected to DMZ port
a classic internal lan network (192.168.1.0/24) for workstations and server :



SMTP and WEB traffic will arrive on the xDSL (wan1) and should go to the server trough the DMZ port
RDP traffic will arrive on the cable router (wan2) and should go to the server trough the DMZ port also
Internet traffic for workstations (and server) should work trough wan1 or wan2.


As I start with DFL800 (I was using DFL200 before) I began wtih a simple config : only WAN1 PPPoE internet acces and RDP traffic from wan1 to server via DMZ.

lan_ip = 192.168.1.2
lannet = 192.168.1.0/24
dmz_ip = 192.168.2.2
dmz_ip = 192.168.2.0/24
server_dmz_ip = 192.168.2.1
server_lan_ip = 192.168.1.1
PPPoE tunel : ADSL_Orange

For this first config, Internet is working but I can’t do RDP from internet to my server !! I see many post on the forum about port redirection, here are rules used :


I tried NAT or ALLOW and check or  not the All to One mapping checkbox in SAT config, but impossible to make this RDP redirection tu server…..

Any idea ?
Thank’s !!!!

[Fatman]

I would reply in French, but then you still wouldn't get many answers.  My French is just good enough to make people flinch when they hear it, not good enough to actually add any meaning to the horrible mangling.

What is the servers default gateway?

Does a redirect to a PC on the LAN (or the server's LAN IP) work better?

[adelme]

No problem in english !
After some modifications RDP (and stmp) redirection seems working ...
The server gateway is the DMZ port of the dfl (192.168.2.2)
I've modified the rules for RDP by changing dest interface by "core"
(NAT or allow works fine ... i think because the gw is the dmz...)



I've also added rules for :
dmz_to_wan1 and dmz_to_pppoe :



I think I need some other rules because from lan I can acces my http server (http://192.168.1.1) but not by his public address :
http://193.251.79.73 works from outside but from lan I arrive to DFL home page….

(in fact the rule dmz_to_wan1 isn't used because the interface for wan1 is pppoe)
note : I received this new DFL800 (version 2.27) with only 1 rule : lan_to_wan1


Now i have to handle the second router... if you have some guidelines it would be a great help for me!
thank's

[Fatman]

Wow, I missed the stupidest option.

You will need to change the port of the HTTP Remote Management via System->Remote Management->Advanced Settings.

[adelme]

Wow, thank you !!!
Without your help I never found this curious option....

[adelme]

I still have a problem :
when I navigate to the public address (let's say 193.1.2.3) from outside it's okay : I"m forwared to my web server 
But from LAN I arrive to the web interface of the router wich is connected to Internet (not the dfl800 but one of the Wan routers)  (note : the DMZ host of the wan router is the WAN ip of the DFL800)

I have the same problem if I replace the DFL800+wan router by a small router like DSL2640 ...

 

[adelme]

Any idéa ?
More precision : BeWan router/modem ADSL in PPPoE connected to WAN1 of the DFL800
External address : 193.12.13.14
From outside : web navigation to 193.12.13.14 is okay, redirected to out web server
From inside (lan) : web navigation to 193.12.13.14 is redirected to the web interface of the beWan modem/router.
Is the modem config is switched from pppoe to bridge it"s ok (because the web interface of the dfl800 is changed to port 8080) but I need to keep the modem in pppoe....

 

[adelme]

Problem solved by creating a loopback route and rules 

[adelme]

Still have problem on WAN2 :

(DFL800, 2 routers on WAN1 and WAN2, server on DMZ and local network on LAN)

Every thing is working on incoming WAN1 (rdp, smtp, http....) : traffic goes to the server on the DMZ
But on WAN2 unable to reach the server with the same protocols (ie : if i try a remote desktop session through public ip wan2, it fails)

Here is the current config (of course I have more rules for lan_to_allwan and lan_to_dmz, loopback and so on...)
(note : the wan1 and wan2 interfaces have the same metric 100 and the "auto add route" unchecked)

Any idea ? (sorry for my 'french' english !)

[chechito]

On that kind of configuration i use policy based routing using default routing table (where adsl its prevalent over cable router using lower metric) for traffic incoming by the adsl, and secondary routing table (where cable router route have lower metric than adsl default route metric) only for incoming traffic from cable router.