Date: Mon, 31 Jan 2011 16:20:01 +0100 From: Daniel Hartmeier <daniel@benzedrine.cx> To: andy thomas <andy@time-domain.co.uk> Cc: freebsd-pf@freebsd.org Subject: Re: PF port forward problem with Sonicwall VPN Message-ID: <20110131152001.GE5861@insomnia.benzedrine.cx> In-Reply-To: <Pine.GSO.4.64.1101280827040.13014@mail.time-domain.co.uk> References: <Pine.GSO.4.64.1101280827040.13014@mail.time-domain.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jan 28, 2011 at 08:49:27AM +0000, andy thomas wrote: > and this works fine as I can access webmail on port 444. But why can't I > access the Sonicwall on port 444? Does anyone know if the Sonicwall uses > additional ports or has anyone got this device to with with a PF-based > firewall? First, I'd try to connect to the Sonicwall from the pf box itself, so it's using its local address. If that doesn't work, how's the pf box different from any other local client, for which this works? Then try and add NAT on the pf box' internal interface, so redirected connections should work like the previous test. If they don't, the problem clearly is with the pf box. But if they do work, but don't without NAT: Check if maybe the Sonicwall has a list of networks it accepts connections from. It might default to refuse connections from non-local networks. Also check if the Sonicwall has a correct default route. Without a correct default route, non-local connections would fail precisely in the way you describe... Kind regards, Daniel
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110131152001.GE5861>