D-Link Forums
The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: GodlessBe on November 12, 2011, 12:27:00 AM
-
Hello,
I have a small personal home network (10.0.0.*) connected to LAN ports of a DFL-210, and a 192.168.x.y address designated to WAN port, which represents DFL-210 physically in big local home network. To connect to internet we use PPPoE, and my DFL-210 gets a real static IP after connecting to 192.168.0.1 which is our big network's gateway (actually it's always connected when gateway is up).
Question: how do I do port forwarding in this case - let's say I use bittorrent files and want to seed something to what.cd users?
I tried such a scheme:
1. I created a Service named "Torrent_TCP" with is obviously TCP Type, with source ports 6881-6999 (whose bittorrent normally use);
2. I created two rules in IP Rules/wan_to_lan:
2.1. A SAT rule - src: any/all-nets, dst: core/wan_phys_ip (which is 192.168.x.y mentioned above) as follows: Action: SAT, Service - Torrent_TCP; on SAT table: Translate the Destination IP Address, new IP address 10.0.0.w (actually a PC behind DFL-210 which I'm writing this from), new port: NNNN, where NNNN matches Destination port number used in Service (step 1).
2.2. An Allow rule - src: any/all-nets, dst: core/wan_phys_ip as follows: Action: Allow, Service - Torrent_TCP.
It seems it doesn't work. Any suggestions?
-
1. Change your service - source as default (0-65535), destination = 6991-6999 to get bect compartability.
2. Don't use any
If your connections terminated by PPPoE interface, that means you need to use PPPoE IP object
Don't use new port, in SAT options
As result, change your SAT/Allow rules to wan_pppoe/all-nets core/wan_pppoe_ip
-
Thank you very much, this helped indeed!
The only thing I had to play with after all was dst port range, but this is all clear now.
Greets from Moscow btw :)