Tessai
asked on
Firewall, NAT, Router... something is blocking me
Hi,
I have a litlle problem when I want to NAT a webserver,
Current configuration :
Webserver with <web public IP> gateway : <public IP of my Firewall> ==> everything's working fine, but unprotected.
New configuration :
Webserver with <192.168.*.*> NAT to <web public IP> gateway <private IP of DMZ> : nothing's going in nor out
OR
Webserver with <192.168.*.*> NAT to <another public IP of our range> gateway <private IP of DMZ> : everything's working perfect !
Problem :
I can't change my DNS to point to new public IP because of same problem on ftp server that is configured on all the workshops of my company. Changing DNS is not a solution !
Where can that be bloacked then ???
Please help :-)
Tess
I have a litlle problem when I want to NAT a webserver,
Current configuration :
Webserver with <web public IP> gateway : <public IP of my Firewall> ==> everything's working fine, but unprotected.
New configuration :
Webserver with <192.168.*.*> NAT to <web public IP> gateway <private IP of DMZ> : nothing's going in nor out
OR
Webserver with <192.168.*.*> NAT to <another public IP of our range> gateway <private IP of DMZ> : everything's working perfect !
Problem :
I can't change my DNS to point to new public IP because of same problem on ftp server that is configured on all the workshops of my company. Changing DNS is not a solution !
Where can that be bloacked then ???
Please help :-)
Tess
ASKER
Sure,
I have a firewall, a LAN and a DMZ
In my LAN, I have all the workstations of my LAN working fine,
In my DMZ I have nothing up to now, exept a PCtest with FTP and WWW running on it and accessible from the internet, so the DMZ is working fine,
On my firewall, a FW1 Checkpoint, 3 NIC's, 1 for my LAN, 1 for my DMZ and 1 connected to a switch, a RJ45 goes to my cisco routeur.
Internet == router == switch ==> FW1 and up to now webserver, ftpserver, mailserver
What I would like to do is :
Internet == router == switch == FW1
FW1 linked to LAN and DMZ
What I did :
Set webserver with public IP (ie. 81.70.70.70) to private IP behind DMZ (ie 192.168.1.*), so the webserver has now 192.168.1.* and NAT to it's prior public IP. ==> not working
If I set the webserver on another public IP (ie. 81.70.70.71), it's working fine...
Why ??
Hope it's well explained....
I have a firewall, a LAN and a DMZ
In my LAN, I have all the workstations of my LAN working fine,
In my DMZ I have nothing up to now, exept a PCtest with FTP and WWW running on it and accessible from the internet, so the DMZ is working fine,
On my firewall, a FW1 Checkpoint, 3 NIC's, 1 for my LAN, 1 for my DMZ and 1 connected to a switch, a RJ45 goes to my cisco routeur.
Internet == router == switch ==> FW1 and up to now webserver, ftpserver, mailserver
What I would like to do is :
Internet == router == switch == FW1
FW1 linked to LAN and DMZ
What I did :
Set webserver with public IP (ie. 81.70.70.70) to private IP behind DMZ (ie 192.168.1.*), so the webserver has now 192.168.1.* and NAT to it's prior public IP. ==> not working
If I set the webserver on another public IP (ie. 81.70.70.71), it's working fine...
Why ??
Hope it's well explained....
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
YEAH !!! That was it !!!!
Thanks for your help !
Thanks for your help !
Also if you could specifiy products being used.