[SOLVED] Very strange behaviour

Started by ibadea, May 06, 2022, 09:03:35 PM

May 06, 2022, 09:03:35 PM Last Edit: May 07, 2022, 10:14:19 AM by ibadea
Hello Hello,

I am a bit stuck so I would appreciate a helping hand! :)

Running 22.4 version commercial license on a DEC3800 box. Zenarmor on LAN interface.

One primary WAN IP and another 3 secondary IPs defined as virtual IPs, all pointing to the same ISP GW.
One-to-one NAT for the 3 secondary IPs to 3 internal IPs. Port forwarding just one port from each secondary WAN IP to an internal IP address (each external IP / virtual IP points to a single / different internal IP). Apart from that there is also a port forward for the principal / main IP address on the WAN interface, to its specific internal address.

Tested port open, all seemed to be OK etc. etc. ... until I discovered something interesting: even if I power off the internal device, disable the port forwarding rules, or even disable the one-to-one NAT rule on each of the virtual WAN IP addresses, I can still see the external port as open ... and that's not quite OK :))))

I've also added the 4 internal IP addresses to zenarmor white list so it will not filter them, etc. still the same issue.

Here is the full config:
Main WAN: 82.77.182.178
WAN IP2: 82.77.183.104
WAN IP3: 82.77.183.13
WAN IP4: 82.77.183.71
Netmask: 255.255.254.0
Gateway: 82.77.182.1

DNS (1): 213.154.124.1
DNS (2): 193.231.252.1

one to one nat 82.77.183.104 to 192.168.1.132
one to one nat 82.77.183.71 to 192.168.1.141
one to one nat 82.77.183.13 to 192.168.1.142

port forward 82.77.182.178:44158 to internal 192.168.1.55:44158
port forward 82.77.182.104:44158 to internal 192.168.1.132:44158
port forward 82.77.182.71:44158 to internal 192.168.1.141:44158
port forward 82.77.182.13:44158 to internal 192.168.1.142:44158

Now the fun part begins, any port forward rule or one to one nat I disable (from the secondary IP addresses) I still have port 44158 open on all external addresses tested from outside.

Edit: so, to make myself clearer - even if packets or connections come towards one of the virtual WAN IPs they are still routed to the main WAN IP / port (because it's the only one that's still forwarding port 44158) ... it's like one-to-one NAT is not even in place.

If I disable the primary address port forwarding rule (port forward 82.77.182.178:44158 to internal 192.168.1.55:44158) then I close the 44158 for all 4 external IP addresses :)) WHY ?

So I don't understand why the one-to-one NAT and port forwarding are not working as they should ???

Any help will be great! If you guys think screenshots or whatever logs are necessary to debug please let me know

While playing around ... I've managed to somehow "solve" the puzzle a bit

On the port forward I had the primary WAN IP defined as 82.77.182.178 / 23 as per ISP configuration ... I've decided to narrow it a bit so I configured the 44158 port forward on the primary IP with the 82.77.182.178 / 32 mask ... great! Port forwarding is working on this IP ... and now it's not working anymore on all the other virtual IPs.

This is great! :)) But it's still like one-to-one and port forward are not working at all on the WAN interface :))

What am I missing?
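
An added example, not part of the original post: a check of the effect described above, where a port-forward destination entered as 82.77.182.178/23 matches every address in that /23 (including the three virtual IPs) while /32 matches only the primary address. The rule tuple layout, rule names and function names are assumptions for illustration, not OPNsense configuration syntax.

```python
import ipaddress

# Addresses on the WAN interface, as listed in the post.
WAN_ADDRESSES = ["82.77.182.178", "82.77.183.104", "82.77.183.13", "82.77.183.71"]

# Hypothetical rule records: (name, destination, port, internal target).
# Both describe the primary forward from the post, before and after the mask change.
RULES = [
    ("primary-fwd-mask23", "82.77.182.178/23", 44158, "192.168.1.55"),
    ("primary-fwd-mask32", "82.77.182.178/32", 44158, "192.168.1.55"),
]


def covered_addresses(destination, wan_addresses):
    """Return the WAN addresses that a rule destination (address/mask) matches."""
    # strict=False accepts a host address written with a network mask,
    # e.g. 82.77.182.178/23, and reduces it to the network 82.77.182.0/23.
    net = ipaddress.ip_network(destination, strict=False)
    return [a for a in wan_addresses if ipaddress.ip_address(a) in net]


def audit(rules, wan_addresses):
    """Flag rules whose destination also matches addresses other than the intended one."""
    findings = []
    for name, destination, port, target in rules:
        intended = destination.split("/")[0]
        extra = [a for a in covered_addresses(destination, wan_addresses)
                 if a != intended]
        if extra:
            findings.append((name, port, target, extra))
    return findings


if __name__ == "__main__":
    for name, port, target, extra in audit(RULES, WAN_ADDRESSES):
        print(f"{name}: port {port} -> {target} is also exposed on {', '.join(extra)}")
```

Running the same audit over every forward and NAT rule on an interface with virtual IPs shows which rules expose an internal host on more external addresses than intended.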