Hi,
I have in FW rules the following for Lan to DMZ,
pass <interface>lan <protocol>tcp/udp <source><network>lan <port>22 <destination><network>opt1 <port>22 (for SSH communication)
and on top of this:
pass <interface>lan <protocol> * <source><network>lan <port> any <destination>any <port> any
but yet, I can't SSH or connect to the DMZ (web server) from the LAN using the internal IP address (not the external DNS name). However, the server is running and accessible from the WAN with no problem (http, ftp). Not even a ping to the DMZ server is working from the LAN side.
How can that happen? As you can see, the rules are in place. NOTE: I've had the same thing happen on another mono wall in the same setup (WAN, LAN, DMZ), and after a few reboots and retries (starting from scratch again and putting in the same rules again) it started to work, and has been working ever since.
Anybody have a hint? Thanks