Author Topic: NAT 1:1 (Read 6146 times)

rl82 · « **Reply #15 on:** August 03, 2021, 02:40:51 pm »

is interesting that i can ping only .101 (port forward virual ip) and not .102 (1:1 NAT virtual ip).
ssh no success

bartjsmit · « **Reply #16 on:** August 03, 2021, 10:13:16 pm »

Quote from: rl82 on August 03, 2021, 02:40:51 pm

ssh no success

Can you make sure the SSH server is installed and running?

sudo apt-get install openssh-server
systemctl status sshd

Bart...

rl82 · « **Reply #17 on:** August 04, 2021, 09:55:38 am »

Quote from: bartjsmit on August 03, 2021, 10:13:16 pm

Quote from: rl82 on August 03, 2021, 02:40:51 pm
ssh no success

Can you make sure the SSH server is installed and running?

sudo apt-get install openssh-server
systemctl status sshd

Bart...

thanks Bart for your help.
You mean to install it in webterm?

bartjsmit · « **Reply #18 on:** August 04, 2021, 03:55:36 pm »

ubuntu1 - the server that sits behind your 1:1 NAT

rl82 · « **Reply #19 on:** August 10, 2021, 09:08:23 am »

sorry Bart, i am not sure i understood.
Might you be please so kind to explain me better?
Do you need some screenshot regarding the configuration?

Thanks

Patrick M. Hausen · « **Reply #20 on:** August 10, 2021, 09:13:26 am »

You are trying to SSH to a server behind 1:1 NAT. Bart asked you to check and make sure that SSH is running on that server. Might be simply not active ...

rl82 · « **Reply #21 on:** August 10, 2021, 10:43:01 am »

thanks
here are the output

bartjsmit · « **Reply #22 on:** August 10, 2021, 11:40:24 am »

Can you confirm it works now from your local LAN and from the WAN side of your 1:1 NAT?

There may be a host firewall on ubuntu1 that limits access (UFW in that case). If it doesn't work from your LAN, ensure SSH is allowed from everywhere (at least temporarily for testing)

Bart...

rl82 · « **Reply #23 on:** August 10, 2021, 01:45:12 pm »

Hallo Bart,

i am sorry but i have difficulties to understand the goal:

my problem is that i am able to reach the webserver on ubuntu with his private address (192.168.56.3:81) although i set the NAT Port Forwarding and the NAT 1:1. I see that if i disable the NAT port forwarding the problem still persists while if i disable the NAT 1:1 the problem is solved, so i assume there is some misconfiguration on the NAT 1:1.

bartjsmit · « **Reply #24 on:** August 10, 2021, 02:14:51 pm »

To me the goal of 1:1 NAT is for traffic parity on the WAN side. The destination address for traffic to your server from outside is the same as the source address of the return traffic. This solves a lot of issues with NAT (but not all).

Once that bit works, you can worry about other issues.

rl82 · « **Reply #25 on:** August 10, 2021, 02:31:40 pm »

Hello Bart,

thank you for your answer. What you mean with "traffic parity" please?
can be that this options has enabled this bug?
"block private network disabled"

rl82 · « **Reply #26 on:** August 10, 2021, 02:41:53 pm »

I can do ssh from internal browser webterm-1
no ssh from external browser webterm-2

rl82 · « **Reply #27 on:** August 11, 2021, 02:36:02 pm »

so i am not able to solve it

i will hit my head in this hours and i will find it out.
If i find the solution, i will post it and share for the community

thanks everybody

rl82 · « **Reply #28 on:** August 13, 2021, 09:41:47 am »

so no success.
The problem persists: the private ip address of the webserver (192.168.56.3) is REACHABLE from WAN (external network) when i add the NAT 1:1 Rule.

Author Topic: NAT 1:1 (Read 6146 times)

rl82

Re: NAT 1:1

bartjsmit

Re: NAT 1:1

rl82

Re: NAT 1:1

bartjsmit

Re: NAT 1:1

rl82

Re: NAT 1:1

Patrick M. Hausen

Re: NAT 1:1

rl82

Re: NAT 1:1

bartjsmit

Re: NAT 1:1

rl82

Re: NAT 1:1

bartjsmit

Re: NAT 1:1

rl82

Re: NAT 1:1

rl82

Re: NAT 1:1

rl82

Re: NAT 1:1

rl82

Re: NAT 1:1