#1  
Old 10th November 2011, 18:06
mmidgett mmidgett is offline
Senior Member
 
Join Date: Aug 2006
Location: Mooresville, North Carolina - USA
Posts: 117
Thanks: 5
Thanked 14 Times in 13 Posts
Default Ispconfig and NAT 1:1

I have been trying for a few days to move my servers behind a pfsense firewall using virtual ips and nat 1:1 to the servers. Can anyone tell me that this will work? I have been having trouble and since its a production server I only have 15min per day of down time if I'd like to keep my quoted uptime.

During my testing I as able to get FTP,SSH,SMTP to work with the correct ports opened up but was unable to get the websites to show. Is this due to named base virtual hosting? From what I understand about the 1:1 NAT is from the outside you request a website from 70.148.75.235 | --> then it moves it to 10.0.0.235 Server answers and sends back and firewall send back as 70.148.75.235. But I am wondering if something is being lost in the transaction?

Also my DNS servers were acting up, I am running mydns with mysql. With the virtual IPS forwarded to the internal ip with the 1:1 nat the server should be on the outside and with no firewall rule breaking it it should deliver answer to DNS queries right?
Reply With Quote
Sponsored Links
  #2  
Old 11th November 2011, 18:14
mmidgett mmidgett is offline
Senior Member
 
Join Date: Aug 2006
Location: Mooresville, North Carolina - USA
Posts: 117
Thanks: 5
Thanked 14 Times in 13 Posts
 
Default

I think that I may have found my problem. I changed the server address by command line as it is a headless vm. I then issued a networking restart at which it kicks me off ssh. I then can log back into the server using the new private ips. Then I continued to setup the firewall and forward everything like it was suposed to. The problem is that I am using mydns and it needed a restart after the ip and dns servers were changed. I didn't do that and ended up setting the severs back on the public internet with out my new firewall. At this point everything was still broke and I couldn't get nothing to resolve. I figured that I messed the DNS up and i'd wait 24 hours to see if it fix it self. however it didn't so i knew something was still wrong so I loged in by the ip and restarted the mydns server. At which everything started working again.

This weekend I'm going to turn back on the firewall and change back to running 1:1 nat and see if I can make it work again. I am using pfsense 2.0 as the firewall. It is a little complicated to setup for someone that is not used to it. However I am happy with the product and will continue to learn. What started this whole adventure was to limit bandwith to certain IP's or ports in general.

Till and Falko I thank you for this site and your willingness to help others.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig 3 problems with mail Help me !!!!!!! albertox26 Installation/Configuration 8 27th December 2010 20:57
ispconfig behind firewall using NAT bigger_travis Installation/Configuration 3 5th November 2008 19:54
ISPConfig and a NAT tomde Installation/Configuration 1 31st May 2008 12:12
ISPconfig behind a nat router and firewall laser General 10 14th February 2007 21:06
Need help ISPConfig and NAT weird domain problems nightshade2109 Installation/Configuration 11 16th November 2006 15:49


All times are GMT +2. The time now is 09:33.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.