Can't get through the UT server...

[HomeNet]

OK, what about the NAT issue, you are pushing 192.168.1.3/32 back out whatever external IP you are brining it in on? If you dont have your NAT policy in place it will send it back out the 1st IP you entered, and thus no love on completing the communication.

You lost me on that one.... Say all that again?

[raditude]

OK under Config>Networking>Interfaces choose Internal, then you will want/need something like the attached.
Attachment 2346

[HomeNet]

OK under Config>Networking>Interfaces choose Internal, then you will want/need something like the attached.
Attachment 2346

Sorry about that...

Mine is...well, uneventful.... See my screen-shot.

Note that I've never been on this part of the config before so I'm curious if this is new or not. This is version 7.1.1 and I've been using UT since version 5.0, at least! And, again, this used to work just fine - for years...

[raditude]

Dont see a screenshot, so not sure what yours says? This is not new, and the problem if you dont put the NAT entries in place (in router mode), is that all traffic from internal will go out whatever is the 1st address listed under Config>Networking>Interfaces>External, and if you have multiple IP's, and traffic coming in via an alias, but going back out the default, there is no way for it to work correctly.

[HomeNet]

Dont see a screenshot, so not sure what yours says? This is not new, and the problem if you dont put the NAT entries in place (in router mode), is that all traffic from internal will go out whatever is the 1st address listed under Config>Networking>Interfaces>External, and if you have multiple IP's, and traffic coming in via an alias, but going back out the default, there is no way for it to work correctly.

OK, I forgot the screen-shot. I'm, having a banner day today!!

Well, like I said, it has worked for years... We only use the alias' so we can give internal servers "public IPs" in order for us and other vendors to have remote access to them.

[raditude]

Good rule of thumb anytime you have multiple IP's (external), is to remove the 0.0.0.0/0 auto rule and add (if nothing more) 192.168.1.0/24 your primary external IP.

Now as to why it has worked in the past, who knows, in theory it should never have worked, as when someone tries to connect to IP .197, and gets a reply from .193, if they accept it, there is no security there, because there is nothing that ties the 2 IP's together.

As well as the only IP you can connect to the external admin for UT is the primary IP (this might be changeable in the GUI, but not by default).

[HomeNet]

Good rule of thumb anytime you have multiple IP's (external), is to remove the 0.0.0.0/0 auto rule and add (if nothing more) 192.168.1.0/24 your primary external IP.

Now as to why it has worked in the past, who knows, in theory it should never have worked, as when someone tries to connect to IP .197, and gets a reply from .193, if they accept it, there is no security there, because there is nothing that ties the 2 IP's together.

As well as the only IP you can connect to the external admin for UT is the primary IP (this might be changeable in the GUI, but not by default).

YOU ARE THE MAN!!!

Like I said, I'd never been in that part of the config but, obviously, it's important! I'm curious if they were auto-filled in earlier versions and then, after several years worth of updates, they bombed out.... I don't know but it doesn't matter either....it works! I can ping, RDP, use the remopte admin page, et cetera.

Once again, thank you!

[raditude]

Glad it is now working!

[HomeNet]

Is there a way to mark this as solved?

[raditude]

Only way I know of is if you can go back and edit your 1st post and add to the title (under advanced reply) that it is solved, and then just put in bold words at the top of the first post that this was resolved. UT will leave this active for a bit though so others searching with similar issues might be able to fix their installs.