• February 24, 2025, 01:30:49 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: DFL-800 SAT and NAT  (Read 15012 times)

yoteur

  • Level 1 Member
  • *
  • Posts: 10
DFL-800 SAT and NAT
« on: March 22, 2010, 04:59:34 AM »
Hi all!

I want to send http traffic (arriving on my dlink via public IP (publish is created)) to my web server to its internal IP.

The internal IP is in an interface vlan.
I had a allow rule to permit allnets to go via httpinall to wan1(dlink) and wan ip of my webserver (publish).
I had a SAT rule to translate dest ip (public ip) to my webserver (lan ip in a vlan).
I had a NAT rule to translate sender ip (public ip) to the interface (Use Interface Address) but I don't know which interface that use?
It doesn't works I see public request on the dlink but nothing on the webserver on port 80?
I try the last rule with speciffy sender address (which exist in ARP publish and moreover its an adress in a vlan) it is the second lan ip of my dlink.
Its doesn't work... nothing on the web server in port 80, just public request OK on the dlink (status -> connexion destination public ip).

Could help me to find the problem?
Thanks,
Yoteur
Logged

danilovav

  • Level 4 Member
  • ****
  • Posts: 424
  • Alexandr Danilov
Re: DFL-800 SAT and NAT
« Reply #1 on: March 22, 2010, 06:10:26 AM »
You need to make just 2 rules - SAT and Allow like below

SAT wan1/all-nets core/wan1_ip http-in (new dest = yourprivatehost)
Allow wan1/all-nets core/wan1_ip http-in

But, your private host should has DFL as default gateway. If it's not possible, change Allow action to NAT.
Logged
BR, Alexandr Danilov

yoteur

  • Level 1 Member
  • *
  • Posts: 10
Re: DFL-800 SAT and NAT
« Reply #2 on: March 22, 2010, 06:15:12 AM »
Hi!
Thanks for your reply.

That's the problem my private host can't have my DFL800 as default GW.
As a consequence I try to NAT the sender IP in order to permit my web server to respond to the client.

Do you know another way to do this?

Regards
Yoteur
Logged

yoteur

  • Level 1 Member
  • *
  • Posts: 10
Re: DFL-800 SAT and NAT
« Reply #3 on: March 22, 2010, 06:32:28 AM »
Sorry I have not seen the end of your post.

I have changed my rule from allow to NAT and it doesn't work...
I try with use sender address and with use specific adress...
I have desactivated the old NAT rule so I have just the SAT rule and the allow rule changed to NAT.
The interface I want to use for the NAT is a vlan interface.
Do you see what is the problem now?

Thanks
Yoteur
Logged

yoteur

  • Level 1 Member
  • *
  • Posts: 10
Re: DFL-800 SAT and NAT
« Reply #4 on: March 22, 2010, 06:57:24 AM »
Ok that works thanks.
The last problem was the order of the rules...
It must be:
1 SAT
2 NAT with user sender adress.
Thanks a lot
Yoteur
Logged

danilovav

  • Level 4 Member
  • ****
  • Posts: 424
  • Alexandr Danilov
Re: DFL-800 SAT and NAT
« Reply #5 on: March 22, 2010, 11:25:07 AM »
In most of cases, will be enouth to change Allow to NAT. But sometimes you need to specify special sender address in NAT rule.

Anyway, good that it's working.
Logged
BR, Alexandr Danilov