  1. #1
    Newbie
    Join Date
    Jul 2008
    Posts
    14

    Firewall & Port Forwarding Not working

    Hello All,

    I recently installed and configured a new UT box, though it didn't go as smoothly as I thought it would have.
    First I set the firewall to default deny and set up the specific ports in this fashion:
    Action: Allow
    Traffic: Any
    Client Interface: any
    Server Interface: any
    Source Address: any
    Destination Address: any
    Source Port: Any
    Destination Port: ***

    I made a rule for each, 80, 25, 110, 443, 143, and was unable to access either email or web on networked PCs. Only after I changed the rule to default Allow would those work. Any ideas why those rules didn't work?

    However, the bigger problem was that Port Forwarding wouldn't work. Here's how it was set up. We have 5 public IPs coming from one pipe directly into the WAN port on the UT box.
    Primary WAN UT address is Static: 1.1.1.7 / 29 with aliases
    1.1.1.3 / 32, 1.1.1.4 / 32, 1.1.1.5 / 32, 1.1.1.6/32
    Primary LAN UT address is Static: 192.168.123.1 / 24

    The port forwarding was set up for RDP to one computer on the local network and looked like this:
    Destination Port: 3389
    Protocol: TCP
    Source Interface: External
    Destined Local
    Forward Traffic to the following Location: 192.168.123.250

    I tried turning off the firewall portion, I made sure the Protocols weren't set to block, and I searched through the UT forums for a solution and tried what I could find, but nothing has helped.

    Am I missing something in these two problems, or should I maybe try a re-install and see if that fixes the problems?

    I'd really appreciate it if someone has already tackled this problem and can enlighten me to a solution.
    Thanks,

  2. #2
    Untanglit
    Join Date
    Aug 2008
    Location
    Pretoria Gauteng South Africa
    Posts
    17

    The destination should not be local as I understand it.

  3. #3
    Newbie
    Join Date
    Jul 2008
    Posts
    14

    Why not?
    If the address of the UT box is 1.1.1.7 and that's what users type into the RDP client, would that not be the local address?
    I've also tried to set the destination address to 1.1.1.7 and that doesn't work either.
    I'm going to turn on Remote Administration tonight and see if I can get that to work, trying to narrow down the problem as much as possible.

    Does anyone think that because of the 5 different IPs set up, I would have to specify the public address in the Remote Management > Public Address Tab?
    Last edited by speedstic; 08-18-2008 at 12:08 PM. Reason: added question

  4. #4
    mdh
    Untangle Ninja
    Join Date
    Aug 2007
    Posts
    4,752

    The port forward rule you have looks fine, but I would add UDP protocol as well. The 1.1.1.7 access is to be forwarded internally, so it is destined local. Having five different IPs does not have a bearing on use of the Public Address tab...that is if Untangle is a bridge behind a router and you are getting access to Untangle by forwarding your remote admin port from the router to Untangle. Using 5 different public IPs may warrant use of static NAT if you have dedicated purposes for some of the boxes (such as a mail server).

  5. #5
    Newbie
    Join Date
    Jul 2008
    Posts
    14

    I just did a good ol' re-install and everything works just fine. Both port forwarding & firewall are now functional, though email sending & receiving is painfully slow now, not too sure why.
