Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » WF 6.2.2 Port Mapping not work
  •  
CepK

Messages: 2
Karma: 0
Send a private message to this user
Hello.

I found a problem using KWF 6.2.2

It disagrees to map port to local services, other than some standard (eg. 80/TCP or 3389/TCP )

Details:

- KWF 6.2.2 - two interfaces:
external, 2 real IPs bound
internal - net 192.168.100.0 255.255.255.0
- We have a video server working on a local machine IP 192.168.100.60 port 18888
- We need to map it outside to the external net.
- So we made a traffic rule:
Source - Network connected to External Interface
Destination - Firewall host
Service - TCP 18888
Action - Permit
Translation - MAP 192.168.100.60:18888
Valid on - Always

When anybody tries to connect to our FW Host extirnal IP to port 18888, no connection is done. As if no service is listening this port on FW host!
BUT!!!! If we use for example TCP 3389 or TCP 80 in "service" parameter (with translation to internal 192.168.100.60:18888!!) - everything works fine.

Why is it so?

If it is useful - info on the FW host:

Windows 2003 server STD, KWF 6.2.2, 2 Eternet Cards.

Thanks for any help.

  • Attachment: kwf.JPG
    (Size: 25.99KB, Downloaded 526 times)
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
Hm, I'm not sure what your problem is. I can just say that I am on the same KWF version (6.2.2) and I do not have such a problem. I use many incoming portmaps on non-standard ports.
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
Come to think of it, it looks like another firewall is active on your KWF server. Could that be the case?

The built-in Windows firewall? Also: a lot of antivirus solutions these days include 'anti-worm' features, or something similar. Usually, this is simply a firewal. That could also be your problem.

It would explain why regular ports work in your situation: they would also be allowd on the 'other' firewall.
  •  
CepK

Messages: 2
Karma: 0
Send a private message to this user
Thank you for reply.

The problem is, that this FW computer does not have _any_ other FW or antivirus software installed.
The builtin windows WF is also disabled.

I would say more!!!
The only ports that work are 80 and 3389!!!!

Thats a miracle....



  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
Disable the option 'translate port to'. The source port number is the same as the destination. Maybe it helps...

[Updated on: Fri, 08 September 2006 21:35]

Previous Topic: what is this?
Next Topic: Unable to give access to a website
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Fri Nov 24 04:37:25 CET 2017

Total time taken to generate the page: 0.00409 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.