Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Map problem.
  •  
realbuz

Messages: 2
Karma: 0
Send a private message to this user
I'm currently trying out Kerio Winroute Firewall.
I have two network card on my server. One used for PPPOE dialup (dsl) and the other connected to my lan. Everything works perfectly as far as in -> out communication. Everything also works perfectly as out -> SERVER communication. However my problem is out -> in . For example (tried MANY):
name: vnc test
source: dial-up (interface that has my internet ip)
destination: Firewall
service: port 5900
action: allow
translation: MAP 10.0.0.101 (computer on local lan running vnc on port 5900 (been tested locally to make sure service is active)
protocol inspector (none)

I'm clueless on why this doesn't work.

To push my test further I tried forwarding to an internal ftp server using protocol inspector : ftp. when trying to connect I see kerio answering my ftp request and get the resulting error message:
421 Service not available (The FTP server is not responding.)


Overall it seems like I cannot MAP anything with success. (tried various different ports (vnc, vnc on a different port, ftp on two non standard port, teamspeak, online gaming server, and some others).

for the record: all lan client are using dhcp with gateway set as the internal server nic ip (10.0.0.253) and the server is running on windows 2000 server. All the client computer are running XP pro (with firewall DISABLED in their options.)

Any pointer would really be appreciated.

and sorry for the messy post .. my native language is not english :).
  •  
gert

Messages: 16
Karma: 0
Send a private message to this user
The traffic rule you describe should work as intended as far as I understand it.

But I had a thought. How are you checking to see if the mapping rule is working?

The rule you have will only translate traffic coming in from the dial-up interface, so you need to check from a computer on a different internet connection. Traffic coming from your LAN will not be mapped no matter even if you use external IP address.

[Updated on: Tue, 09 March 2004 12:56]

  •  
realbuz

Messages: 2
Karma: 0
Send a private message to this user
as far as gaming server , vnc and teamspeak those have been tested with friends from the outside.

thanks for the suggestion. Hope someone can come up with the one fixing my issue Smile.


Simon
  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
realbuz wrote on Tue, 09 March 2004 18:30

as far as gaming server , vnc and teamspeak those have been tested with friends from the outside.

thanks for the suggestion. Hope someone can come up with the one fixing my issue Smile.


Simon


Have you got enabled RRAS service in W2k server?
It seems you have enabled another NAT in the system so it blocks all incoming connections.
Previous Topic: Memory leak in 5.1.3?
Next Topic: Internal clients access server via external address ? <-- Routing problem
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Fri Nov 17 22:22:21 CET 2017

Total time taken to generate the page: 0.00442 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.