Port forwarding

Posted: 11 Jan 2009, 04:07
by Lars
I am configuring the firewall with the following port forwarding:
SourceIP: All
Public port: 443
Private port: 443
Protocol: tcp

The resulting behaviour is now that any call to port forwarding from inside the firewall is redirected to my bubba.

e.g.
When I enter "https://www.avanza.se" in my browser, I end up at the website of my bubba!

Posted: 14 Jan 2009, 03:14
by pa
To which IP-address is it forwarded?

/PA

Posted: 15 Jan 2009, 06:58
by Lars
Here is the complete setup (I forgot the Private IP):
SourceIP: All
Public port: 443
Private port: 443
Private IP: 192.168.0.51 (=internal bubba2 server ip)
Protocol: tcp

Posted: 15 Jan 2009, 07:37
by pa
Hi Lars,

I have tried this myself and confirmed that it is a bug in our software. The portforward "hijacks" all traffic on that port and sends it along according to the portforward.

It is marked as a high priority bug and we will try to get this in an update as soon as possible.

/PA

Posted: 16 Jan 2009, 05:05
by pa
Just came to think of it, if I understand this correctly you want to open up https to the outside but not http? And that is why you can not use the checkbox?

If this is the case, you should select "Bubba|Two public port" and not do a regular portforward. Then enter 443 as port number.

This will allow access to Bubba|Two on port 443 without the above faulty behavior.

/PA

Posted: 16 Jan 2009, 16:46
by Lars
Yes, I don't want the ability to login to the admin or mail interface from a http connection, since I then might reveal my password.

I solved it by splitting the website in the apache setup so:
- The http connection leads you to my website.
- The https connection leads you to my bubba admin site.

In another idea I had, I wanted to forward one port on the outside to another port on the inside, since the port on the outside was blocked at my office. This must wait until you have fixed the bug!

/Lars

Posted: 16 Jan 2009, 17:08
by pa
But this might still work, depending on whether the outside port is used for any other outgoing traffic or not.

Say you would like to forward port 222 on the external interface to port 22 on the internal, this would work as long as you do not try to access anything from within your LAN to somewhere on the internet on port 222.

But maybe you can not choose the port freely since it needs to be open at your work as well.

/PA
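
The behaviour confirmed in this thread can be checked for on an iptables-based router. The following is an added example, not code from the thread or from the Bubba software: it flags DNAT port forwards that match on the port alone, next to one that is scoped to the WAN interface. That the firewall uses iptables, the `eth0` WAN interface name and the sample ruleset are assumptions; the address and ports are the ones mentioned in the thread.

```python
import shlex

# Constructed iptables-save excerpt (not from the thread). eth0 is assumed to be
# the WAN interface; 192.168.0.51 and ports 443 and 222 -> 22 are the thread's values.
SAMPLE = """\
*nat
-A PREROUTING -p tcp -m tcp --dport 443 -j DNAT --to-destination 192.168.0.51:443
-A PREROUTING -i eth0 -p tcp -m tcp --dport 222 -j DNAT --to-destination 192.168.0.51:22
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
"""

OPTS = {"-i": "in_if", "--in-interface": "in_if", "-d": "dst", "--destination": "dst",
        "--dport": "dport", "-j": "target", "--to-destination": "to"}

def parse_rule(line):
    """Return the fields of one '-A' rule line that matter for scoping."""
    tok = shlex.split(line)
    rule = {"chain": tok[1]}
    i = 2
    while i < len(tok):
        if tok[i] == "!":                      # negated match: does not scope to WAN
            i += 3
        elif tok[i] in OPTS and i + 1 < len(tok):
            rule[OPTS[tok[i]]] = tok[i + 1]
            i += 2
        else:
            i += 1
    return rule

def unscoped_forwards(ruleset):
    """DNAT rules in PREROUTING that match on port only: they also rewrite
    LAN clients' outbound connections to that port on any Internet host."""
    hits = []
    for line in ruleset.splitlines():
        if not line.startswith("-A PREROUTING"):
            continue
        r = parse_rule(line)
        if r.get("target") == "DNAT" and "in_if" not in r and "dst" not in r:
            hits.append((r.get("dport"), r.get("to")))
    return hits

if __name__ == "__main__":
    for dport, to in unscoped_forwards(SAMPLE):
        print(f"port {dport} -> {to}: no -i/-d match, outbound LAN traffic is redirected too")
```

On the sample, only the 443 rule is reported; the 222 rule carries `-i eth0` and so leaves connections originating inside the LAN alone.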