PORT FORWARD NOT WORKING PROPERLY

Started by woxfi, July 20, 2022, 08:07:37 AM

Previous topic - Next topic
So I have one Main IP (Public) assigned to the firewall , And added two public ip is the virtual ip's .
I setup port forward port 222  on x.x.x.4/27(public IP)  to forward it to port 22 on 10.10.2.2 . It works pretty good
Again added similar rule forward 223 on x.x.x.4/27 to port 22 on 10.10.2.3 , and it works too .

Then i created another VM , gave it IP 10.10.2.4  and created a new rule x.x.x.5/27 (Public IP already in Virtual IP ) incoming requests on port 222 on this IP x.x.x.5 forward to port 22 on 10.10.2.4 VM , but it forwards me to 10.10.2.2 .

Any insights would be nice thank you .

You need to set the netmasks for the external addresses to /32 in your rules.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)

you mean in virtual IP Addresses ?

i have set two IP in Virtual IP
X.X.X.4/32
X.X.X.5/32

Then updated the rules

Firewall -> NAT -> Port Forward

SSH to X.X.X.4 on port 222 goes to 10.10.2.2
SSH to X.X.X.4 on port 223 goes to 10.10.2.3
SSH to X.X.X.5 on port 222 also goes to 10.10.2.2  , it should have gone to 10.10.2.4

In your port forwarding rules. In your first post you wrote e.g. "x.x.x.4/27" - that needs to be x.x.x.4/32.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)

its working after Virtual IP were set to each ip/32 , ssh port is working , i will do some more forwardings and will post results

thank you so much for helping

In Interfaces > Virtual IPs > Settings keep the same netmask as for your primary IP address, probably /27.
In Firewall > NAT > Port Forwarding (and all firewall rules where you want to do something with a single VIP) use a /32 netmask, meaning "only a single address".
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)