Firewall/NAT

Hi, all

Finally changing form my old D-link router/fw to a monowall PC.
Most of it works great either in 1.233 or 1.3b10. However, I seem not to be able to do as I used to do with my old D-link. (NAT) 

I have dynamic IPs and did setup a DynDNS with No-IP.com. (Wan IP gets updated with Linux box, and works) To avoid issues with ISP I do a port redirect to port 99. (No-ip does that for free)

My Linux server is listening to port 80 on my LAN.  So I want to redirect all incoming HTTP on port 99 to internal IP on port 80. How do I do this?  I've tried all possible settings (mimic from D-link settings too because it works there) and not luck.    Even if I skip the port redirect for testing purposes I can't get to my server. Strangely though I get the monowall GUI interface on my wan-IP at port 80. Don’t like that actually.
Any hints on how to set this up correctly?

Greatly appreciated
M.S.

NAT Rule:   |   WAN   |   TCP   |   99   |   {IP or better yet Alias of your web server}   |   80   |

WAN Rule:  |   TCP   |   *   |   *   |   {IP or better yet Alias of your web server}   |   80   |

CS...

That's exactly the rules I have, but not working.

mono gui is still coming up on wan at port 80
on port 99, nothing. can't get to server.

??hints?? (same thing on boht versions 1.233 or 1.3b10

reset your m0n0wall to Factory Defaults and try those rules again.  If you still have a problem post more details on your setup.

CS...

Ok complete rundown on a test I did:

First Network setup: IPS >> DSL-Modem >> MONOWALL-WAN >>MONOWALL-LAN >> Switch >> PC’s

• Create new CF with 1.3b10
• Setup all NIC correctly with console
• Use default settings for lan (192.168.1.1)
• Acquire local IP for my notebook (Lan)
• Open IE7, type local address 192.168.1.1: webGui opens.
• Browse in WebGui to system/interface to gather new WAN IP
• Open new IE7 (kill all cash files and history) type WAN IP and enter:  Again the WebGui opens with request for user and password, and let me in.
• Disconnect power to DSL-modem
• Open new IE7 (kill all cash files and history) type WAN IP from before in and: Again the WebGui pops up with request for user and password, and let me in. 

So Mono must make a link from behind the FW on the local IP’s to the WAN IP and notice I’m a local user and reroute me to the local IP of mono again. HOW COME?

That might explain why even with setup NAT forwarding and FW rules to have HTTP  to be rerouted on LAN server I always get the WebGui.

What do I do wrong?



Second test, with this new setup (factory defaults) I added the rules as suggested. but no success.


Thanks in advance. 

m0n0wall does not allow that type of loopback connection.  have you tested it from another remote internet connection?

CS...

Tried different setup now,

Wan
Lan
DMZ

followed this step by step http://doc.m0n0.ch/handbook/examples.html#id2603650

Still get the same thing that my http is not forwarded and that if I from behind the mono, the external ip type in the browser the webGui pops up.

Have done it soo many times with Dlink or linksys routers,  and eventhough mono seems to be all strait forward, it wont work.

do I need to forward xml file? (in attachment as txt )

could it be my hard ware that is causing this? I'm using an old DEC

Help help. Thanks.

http://doc.m0n0.ch/handbook/faq-lannat.html

CS...

Thanks man, I appreciate it.
While thinking I had a problem it seemed all to be working (not as stable as I would like it to be but hey what can I say, using the beta version.) once I've added the loop for the home domain to the DMZ, it seems to work behind the FW too. Outside, I never tested as I assumed it would be the same from behind the FW as it is with Dlink routers.  Having access to few open hot spots I tried it from the outside and hey all working fine. I guess now its about fine tuning, and maybe upgrading my old DEC hard ware a bit. LOL 

Have a nice weekend. (Case closed)