DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Dual WAN - Portforwarding Problems

28 Nov 2012 02:28 #74376 by organictreatment
Dual WAN - Portforwarding Problems was created by organictreatment
Hello, I am running PF-Sense Rc2.
I have a somewhat complicated setup. Maybe the following picture can help.
The Linux Box is only doing VPNC Dialin to the University and doing 1:1 to the Wan2 Interface.
What I want to achieve is the following:
Normal Lan traffic goes to the Wan
Certain Traffic from some Lan-hosts is routed via Wan2
Cisco traffic which comes from the Lan is routed to the University gateway via the wireless link.

What I have done right now is
Enable Advanced Outbound Nat and Created the following Rules:
Interface  Source
WAN        192.168.0.0/24
Wlan       192.168.0.0/24
Wlan       192.168.195.0/29
Wan2       192.168.0.0/24

Now the following things work:
Connecting with the Lan clients via Wan to the Internet.
When a client starts the Cisco Client on his PC, he is redirected to the Wlan link and goes into the University Network/Internet.
The special host is routed via policy-based routing via the Wan2 interface through the Linux Box and also goes into the University Network/Internet.

If I make a port forward from the Wan interface to the Lan, it works.

If I make a port forward from the Wan2 interface to the Lan, it doesn't work :(

I tried to Portforward Port 22 SSH from the Wan2 to the Host 192.168.0.33. Here is the rule which I made on Lan for policy based routing :
Lan
Proto  Source        Port  Destination  Port  Gateway
*      192.168.0.33  *     *            *     192.168.196.2
and the autocreated ones
Wan2
Proto    Source  Port  Destination    Port      Gateway
TCP/UDP  *       *     192.168.0.33   22 (SSH)  *
ICMP     *       *     192.168.196.1  *         *
Nat Rule
If    Proto    Ext. port range  NAT IP                              Int. port range
WAN2  TCP/UDP  22 (SSH)         192.168.0.33 (ext.: 192.168.196.1)  22 (SSH)

With this setup I am not able to establish an SSH connection from an outside IP to the host on the Lan. When I turn logging on for this rule I get the following output, but I am still not able to connect to the SSH server on 192.168.0.33:
Time             If    Source               Destination      Proto
Sep 22 16:16:40  Wan2  84.58.134.196:52816  192.168.0.33:22  TCP

But it works fine if I connect from the Linux Box with the IP 192.168.196.2 to the host 193.168.0.33; there I get the SSH connection. Is there anything that I forgot on the pfSense side?

30 Nov 2012 19:49 #74403 by the pit
Replied by the pit on topic Re: Dual WAN - Portforwarding Problems
Maybe best if you ask this question on the PF-Sense forums http://forum.pfsense.org/

Moderators: Sami