Topic: Portforward on a "server only" SME 5.1.2

[Miguel Simon]

Hi,

This is my problem:
I have an SME with only 1 ethernet card. I need to do a portforwarding to another machine in my LAN.
I have installed the portforwarding rpm but it does not work.
Do I have to install a second ethernet card? Why?

Thanks

[Andrei Taylor]

The port forwarding rpm only works when you are in Gateway Server mode. Because the firewall (Gateway) does the port forwarding. If you're in server mode only and you are behind a firewall you will need to port forward services from your'e firewall (checkpoint, smoothwall) to the SME Server.

Hope this helps,

Andrei

[Miguel Simon]

It helps a lot. I had supposed that.
Now I have a second eth card and the servers work as a Gateway also.

How can I forward traffic from port 81 to another server. I have install the portforward rpm but I cannont connect to port 81.

I imagine that the firewall has close this port, but I thought it would be open with this modules. Any suggestion?

Thanks

[Terry Brummell]

When testing port forwarding you need to be testing from the external side of your network.  From another location or using a dialup connection to an ISP.  Are you doing this?
I forwarded a non-standard port from the gateway to an internal machine with no problems.  Nothing special needs to be done to open the port.  Does your ISP possibly block 80 & 81?  These are common webserver ports so some providers will close them on their network.
Hop that helps.

Terry

[Miguel Simon]

First of all, thanks and I hope you will forgive my English

I will explained what I am doing:
I have a SME server and gateway with ext IP 192.168.2.2 and internal 192.168.1.2
Internally I have a IIS server with IP 192.168.1.100 which accepts traffic from port 80

SME accept web traffic from port 80 so I want to redirect traffic from another port (I have tried 81 and 2000)  to my IIS server.
I have installed dmc-portforwarding*-0.0.0.1-4.rpm. If I execute ipmasqadm portfw -l I can see both redirections

When I execute a nmap from the SME server to the external IP (nmap -p 81 -sT 192.168.2.2) it says the port is closed

The PC I am working with is in the external net (192.168.2.12/24 GW 192.168.2.1)

Any idea?

Thanks

[Terry Brummell]

Someone will need to correct me if I'm wrong here, but, if you are forwarding port 81, should the webserver that you are forwarding to not be set to accept on port 81?  I know the port forwarding add-on allows you to specify a destination port which is different from the incoming port, but I'm not sure if that part works.  

Miguel Simon wrote:
>
> First of all, thanks and I hope you will forgive my English
>
> I will explained what I am doing:
> I have a SME server and gateway with ext IP 192.168.2.2 and
> internal 192.168.1.2
> Internally I have a IIS server with IP 192.168.1.100 which
> accepts traffic from port 80
>
> SME accept web traffic from port 80 so I want to redirect
> traffic from another port (I have tried 81 and 2000)  to my
> IIS server.
> I have installed dmc-portforwarding*-0.0.0.1-4.rpm. If I
> execute ipmasqadm portfw -l I can see both redirections
>
> When I execute a nmap from the SME server to the external IP
> (nmap -p 81 -sT 192.168.2.2) it says the port is closed
>
> The PC I am working with is in the external net
> (192.168.2.12/24 GW 192.168.2.1)
>
> Any idea?
>
> Thanks

[Terry Brummell]

Guess I should have tested that before I posted.  I just forwarded a different external port to an internal webserver.  So forwarding 81 to 80 should work fine for you.  I'm not sure where the problem is.

Terry

Terry Brummell wrote:
>
> Someone will need to correct me if I'm wrong here, but, if
> you are forwarding port 81, should the webserver that you are
> forwarding to not be set to accept on port 81?  I know the
> port forwarding add-on allows you to specify a destination
> port which is different from the incoming port, but I'm not
> sure if that part works.
>

[Miguel Simon]

Nor am I

Thanks, anyway