I have monowall Version 1.231 Generic-PC on two sites and they exhibit the same behavior and wanted to get some opinions on this.
There are 3 wan address, for the sake of argument:
20.20.20.20
20.20.20.21
20.20.20.22
Monowall Wan interface uses 20.20.20.20
The Server NAT has:
20.20.20.21
20.20.20.22
Inbount NAT has the following:
192.168.0.8 PORT 80 (WAN INTERFACE)
192.168.0.9 PORT 80 (Ext 20.20.20.21)
192.168.0.10 PORT 22 (Ext 20.20.20.22)
Firewall rules has
80 to pass to 192.168.0.8
80 to pass to 192.168.0.9
22 to pass to 192.168.0.10
Here is the Behavior:
If I http:20.20.20.22 from the outside network (internet) I get 80 on the WAN, in other words 80 goes to 192.168.0.8. No rule was ever added to port 80 for the ext 20.20.20.22 public ip but it still allowed 80 to come in.
Is this normal behavior?
Joe
It would seem this may be a bug, but I am a computer dude that doesn't want to jump to conclusions.
-Can someone see if they can replicate this test and see the results. This will require at least two WAN Address.
-Set up one WAN Address
-Create a NAT Inbound Rule to allow port 80 on the WAN Interface to Server A (Create the firewall rule automatically)
-Test that Port 80 response to First WAN IP
-Create a Server Nat rule for the second WAN IP
-Create a Nat Inbound Rule to allow 25 on the Server Nat that was added to Server B (create the firewall rule automatically)
-Test that 25 Response correctly from Second WAN IP
-Try to access port 80 from the Second WAN IP
If I am correct, this second WAN IP will default to the WAN port and allow the packet based on the rule created by the first rule.
Thanks to anyway for this testing. THANK!!!
Joe
|
Topic: Unusual Nat Behavior? Bug??