Firewall/NAT

I have an IIS web server on the standard TCP port 80 on a NAT'd connection.  I've setup inbound NAT to forward external connections on a different port (the ISP is blocking port 80) to that IIS box.  I know it works as others tell me they can get my images from their external addresses.  However I cannot see images if I go the external name but can going directly to that servers internal address from any of my internal boxes.  I setup the DNS forwarder (as mentioned in the FAQ) with an entry for that image server but I still get no images.  If I internally ping the DNS A record for that host I do get the internal address of that web server.  I'm not sure what I may have missed.   {EDIT} I forgot to mention I am using v1.3b1 of M0n0wall {/EDIT}

BTW:  Thanks for setting up the forum.  Much easier IMHO!

I would try to ping your external name from an internal client, just to see how the name resolves.

I would bet that the DNS Forwarder is not resolving your external name to the internal IP address.

I knoticed that this stopped working for me when I upgraded to 1.23. I fixed this by puting an entry in my local HOSTS file to resolve my external name to internal IP. This would not be a great solution for more than a few PC network.

It pings as I suspected.  The DNS A record resolves locally (on all internal boxes) as the internal address of the image server due to the DNS Forwarder entry.  The M0n0 box pings as the non-translated external name.

Argh!  Nevermind.  I was not thinking the whole thing through but now its working as desired.  All it was, external requests had to come from the non-standard port but IIS is listening on the standard.  Switching IIS to listen on the non-standard port and modifying the firewall rules and NAT to not change the destination port squared me away...