• April 19, 2024, 03:41:19 AM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: DFL-260E DMZ to WAN problem  (Read 5166 times)

s_schaffert

  • Level 1 Member
  • *
  • Posts: 2
DFL-260E DMZ to WAN problem
« on: January 04, 2017, 12:12:51 PM »
I have a DFL-260E configured to one-to-one map multiple WAN IPs to multiple DMZ IPs for multiple servers.  The problem I am having is that the Mail Server uses the primary WAN IP to send mail rather than the Published IP defined in ARP/Neighbor Discovery assigned to it for use in the SAT and NAT rules.

I used this procedure setup SAT and NAT for each server in the DMZ:

Add the objects of both public and DMZ IP addresses for the server
Go to Objects -> Address Book -> Interface Addresses
   Click Add
   Name it eg(webpower_public_ip
   IP it eg(209.218.29.10)
   Click OK
   Click Add
   Name it eg(webpower_dmz_ip)
   IP it eg(192.168.1.10)
   Click OK
Create the objects in the ARP table
Go to Network -> ARP/Neighbor Discovery
   Click Add
   Click ARP/Neighbor Discovery
   Mode = Publish
   Interface = WAN
   IP Address eg(webpower_public_ip)
   MAC Address = default (00-00-00-00-00-00)
   Click OK
Create IP rule to map server (SAT)
Go to Policies -> Main IP Rules
   Click Add
   Click IP Rule
   Name it eg(webpower_http_map)
   Action = SAT
Address Filter
   Source Interface = any
   Source Network = all-nets
   Destination Interface = wan
   Destination Network  eg(webpower_public_ip)
   Service – http-all
   Schedule = none
Static Address Translation
   SAT Translate = Destination IP
   New IP Address eg(webpower_dmz_ip)
Logging and Comments
   Logging = on    default
   Click OK
Create IP rule to allow Server NAT
Go to Policies -> Main IP Rules
   Click Add
   Name it eg(allow_webpower_http)
   Action = NAT
Address Filter
   Source Interface = any
   Source Network = all-nets
   Destination Interface = wan
   Destination Network  eg(webpower_public_ip)
   Service – http-all
   Schedule = none
Network Address Translation
   NAT Translate = Use Interface Address
Application Control
Application Control = off
Logging and Comments
   Logging = on    default
        Click OK
Save and Activate the Configuration
Go to Configuration
   Click Save and Activate

The servers would respond to requests from the WAN but were not able to make Internet request until i added the following rule:
Name: dmz_to_wan
Action: NAT
Address Filter
          Source Interface: dmz



Logged

s_schaffert

  • Level 1 Member
  • *
  • Posts: 2
Re: DFL-260E DMZ to WAN problem
« Reply #1 on: January 04, 2017, 12:26:54 PM »
My current firewall (Smoothwall Corporate Firewall 5) calls the solution "Source Mapping"

Any help would be appreciated.
Thank you,
Stuart

Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: DFL-260E DMZ to WAN problem
« Reply #2 on: January 11, 2017, 01:51:54 PM »
I recommend that you phone contact your regional D-Link support office and ask for help and information regarding this. We find that phone contact has better immediate results over using email.
Let us know how it goes please.
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.