Topic: DFL-260 - NAT / SAT with dyndns source. (Read 8683 times)

cyberdouai · « **on:** January 26, 2011, 02:57:44 AM »

Hello, I'm trying to configure a DFL-260 in order to accept only connexion from an host on dyndns to the port 5060 (sip) of the DFL, which is SATed to the ipbx. In order to do that i've used the dns: ***.dyndns.org but it don't seems to work.

Here's some screenshots :

with this service :

I've made the same thing for the NAT rule.

What do i do wrong? Thanks in advance !

(sorry for my english i'm french

)

PS : it works when I write directly the IP (without dyndns) in the "tel-bert" address field.

cyberdouai · « **Reply #1 on:** January 27, 2011, 03:01:50 AM »

I believed It was solved but not

juanjo · « **Reply #2 on:** January 30, 2011, 10:08:22 AM »

It's sounds like you have not configured dns address in your dfl-260.
Please, check the next:

1.- Be sure that you have configured dns addres. Check System->DNS->Primary Server and set to Wan_Dns1 or your dns address.
2.- Be sure that you have the same NAT rule just after SAT rule
3.- Be sure that two rules are before any drop rule that drops 5060 port or better, put them before all drop rules.

Regards

cyberdouai · « **Reply #3 on:** February 02, 2011, 05:29:23 AM »

First, Thanks for your reply

Then, the SAT - NAT rules are the two first rules on the firewall (SAT, then NAT).
The configured dns adresss is the google one : 8.8.8.8

But it still not works

But when i write directly the IP into the rule, without the dns, it works ...

juanjo · « **Reply #4 on:** February 02, 2011, 11:59:28 PM »

Quote from: cyberdouai on February 02, 2011, 05:29:23 AM

First, Thanks for your reply

Then, the SAT - NAT rules are the two first rules on the firewall (SAT, then NAT).
The configured dns adresss is the google one : 8.8.8.8

But it still not works

But when i write directly the IP into the rule, without the dns, it works ...

I don't understand.

DNS Address must be DNS of your ISP to resolve "dyndns" FQDN.

Regards

cyberdouai · « **Reply #5 on:** February 03, 2011, 05:24:42 AM »

I always use google dns instead of my ISP dns. Everywhere : pc, switch, firewall, modem ... it always work ... i'll try anyway with my isp dns but i think it won't change anything

cyberdouai · « **Reply #6 on:** February 04, 2011, 06:19:51 AM »

nothing change when i use my ISP's dns.

Note when i write "dns:CENSORED.dyndns.org" directly in "source network" of my rules, i've got this error :

- Unknown symbolic netobject name
NAME sat_5060 SAT wan dns:CENSORED.dyndns.org core wan1_ip Port_506...
^^^^^^^^^^
Am I wrong with the notation?

lingnau · « **Reply #7 on:** September 20, 2011, 05:23:43 PM »

I'm not sure if SAT rules allow this sort of objects (dns:host.domain.com).

They work just for VPN and some other features, but not for host adresses. (I've had problems with this once).

Consider using a fixed IP adress for this.

danilovav · « **Reply #8 on:** September 21, 2011, 12:42:56 PM »

FQDN is not allowed in IP rules
Use IP range/subnet instead of dyndns name

D-Link Forums

News:

Author Topic: DFL-260 - NAT / SAT with dyndns source. (Read 8683 times)

cyberdouai

DFL-260 - NAT / SAT with dyndns source.

cyberdouai

Re: DFL-260 - NAT / SAT with dyndns source.

juanjo

Re: DFL-260 - NAT / SAT with dyndns source.

cyberdouai

Re: DFL-260 - NAT / SAT with dyndns source.

juanjo

Re: DFL-260 - NAT / SAT with dyndns source.

cyberdouai

Re: DFL-260 - NAT / SAT with dyndns source.

cyberdouai

Re: DFL-260 - NAT / SAT with dyndns source.

lingnau

Re: DFL-260 - NAT / SAT with dyndns source.

danilovav

Re: DFL-260 - NAT / SAT with dyndns source.