GroupBrowser  




Go Back   GroupBrowser > Novell Newsgroups > Border Manager > Border Manager Network Address Translation
Reload this Page Dynamic NAT
User Name
Password
 
 
Thread Tools Search this Thread Display Modes

Dynamic NAT
Old 06-05-2008, 05:16 PM #1
mortifer
Guest
 
Status:
Posts: n/a
Default Dynamic NAT

I have NO experience at all with Bordermanager, but I have been
searching for the past few hours on how to setup a few simple rules.
Here is what I want:

I want to be able to allow port 22 out from all internal addresses.

I want to be able to VNC into the private network. I want to use the
bordermanager public IP (lets use a fake one of 12.12.12.12) and have
it forward only port 5900 to an internal address (192.168.100.6). So
in essence, I want to be able to VNC to 12.12.12.12:5900 and have it
open a VNC connection with 192.168.100.6.

This is probably a very simple process, but I cant seem to get it
working. ALL help would be appreciated. We just picked up this
customer and although I told them I am not familiar with Bordermanager,
this is my first project :)


--
mortifer
------------------------------------------------------------------------
mortifer's Profile: http://forums.novell.com/member.php?userid=20545
View this thread: http://forums.novell.com/showthread.php?t=331548
  Reply With Quote

Re: Dynamic NAT
Old 06-11-2008, 03:35 PM #2
Automatic Reply
Guest
 
Status:
Posts: n/a
Default Re: Dynamic NAT
Sem,

It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.

Has your problem been resolved? If not, you might try one of the following options:

- Visit http://support.novell.com and search the knowledgebase and/or check all
the other self support options and support programs available.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.novell.com)

Be sure to read the forum FAQ about what to expect in the way of responses:
http://support.novell.com/forums/faq_general.html

If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.

Good luck!

Your Novell Product Support Forums Team
http://support.novell.com/forums/
  Reply With Quote

Re: Dynamic NAT
Old 06-12-2008, 12:36 PM #3
mortifer
Guest
 
Status:
Posts: n/a
Default Re: Dynamic NAT

No one knows how do do this???

mortifer;1573507 Wrote:
> I have NO experience at all with Bordermanager, but I have been
> searching for the past few hours on how to setup a few simple rules.
> Here is what I want:
>
> I want to be able to allow port 22 out from all internal addresses.
>
> I want to be able to VNC into the private network. I want to use the
> bordermanager public IP (lets use a fake one of 12.12.12.12) and have
> it forward only port 5900 to an internal address (192.168.100.6). So
> in essence, I want to be able to VNC to 12.12.12.12:5900 and have it
> open a VNC connection with 192.168.100.6.
>
> This is probably a very simple process, but I cant seem to get it
> working. ALL help would be appreciated. We just picked up this
> customer and although I told them I am not familiar with Bordermanager,
> this is my first project :)


--
mortifer
------------------------------------------------------------------------
mortifer's Profile: http://forums.novell.com/member.php?userid=20545
View this thread: http://forums.novell.com/showthread.php?t=331548
  Reply With Quote

Re: Dynamic NAT
Old 06-14-2008, 02:27 AM #4
Craig Johnson
Guest
 
Status:
Posts: n/a
Default Re: Dynamic NAT
Yes, absolutely know how to do this.

It's actually all documented (with examples)in my BMgr 3.x book and my
filtering book. The filtering book shows how to do this with static
NAT. The BMgr 3.x book shows how to do this with generic proxy.

For outbound port 22, you just have to set up a single stateful filter
exception for tcp dest. Port 22, from private to public interface.

Inbound 5900 is a bit harder. You cannot static NAT the primary public
address, which means you will have to use generic tcp proxy. You will
need to set up 3 things - the generic tcp proxy entry for port 5900, an
access rule to allow generic tcp proxy port 5900, and at least one
filter exception allowing port 5900 to the public IP address (source &
dest. Interface=public). If you don't make it a stateful exception,
you'll need another filter exception to allow the outbound source port
5900 from the public Ip address for the proxy responses.

Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on
BorderManager, go to http://www.craigjconsulting.com ***
  Reply With Quote
 

« Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode




Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Forum Jump




Adobe Newsgroups | Software Newsgroups


Powered by: vBulletin Version 3.0.7
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
© 2003-2004 All Rights Reserved GroupBrowser LLC.


Contact Us - GroupBrowser - Archive - Terms of Use - Privacy Statement - Top