In short
Is it possible to have two separate networks (separated by IP addresses and subnet) under one gateway + firewall whose IP and subnet configuration is on network #1, and still filter inbound/outbound traffic to/from network #2?
Details
Gateway + Firewall (m0n0wall software) has internal address 192.168.0.100 with subnet 255.255.255.0
- Computers have addresses 192.168.0.x with same subnet /24
- Some devices are on 192.168.1.x with subnet /24
Internally, from computer with address 192.168.1.Y I can access device, of course.
Question is – is it possible to forward some ports from external IP (out of office) to device with IP 192.168.1.X? Will it work if firewall is on "different network"?
So far I have
- Forwarded port 443 to 192.168.1.X:443
- Set up firewall rule to fully trust all ports inbound & outbound to my external IP address.
While trying to connect to Office external IP, port 443
- In browser I get ERR_TIMED_OUT
- In office firewall logfile I see that Out of office external IP, port 1560 allowed to 192.168.1.104, port 443 TCP
- Sometimes I also see Out of office external IP, port 1560 denied to Office external IP, port 443 TCP
- I don't see any answer from 192.168.1.X in logfile.
If I map 443 to address 192.168.0.X, everything is OK.
What is the problem and how to solve this please?
My suspicion is that firewall is not on same subnet. What if I lower subnet number to 255.255.0.0 for firewall to include both networks – will it not break the whole network?
Best Answer
You haven't given us enough detail:
You have two separate logical networks
Your firewall lives in 192.168.0.100. This means that 192.168.1.0 cannot communicate with your firewall without some other part of the picture that I've missed. How does 192.168.1.0/24 communicate with your firewall? You must either have:
You'll need to fill us in on what part of the puzzle we're missing here.
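The on-link check behind the answer's point, as an added example that is not part of the original question or answer: it tests, in both directions, whether the firewall's LAN interface and a port-forward target can deliver frames to each other directly, for the /24 masks in the question and for the 255.255.0.0 mask the asker proposes. The target 192.168.1.104 is the address from the firewall log; 192.168.0.50 is a constructed stand-in for 192.168.0.X, and the function names are hypothetical.

```python
import ipaddress


def on_link(iface_ip: str, netmask: str, peer_ip: str) -> bool:
    """True if peer_ip lies inside the subnet configured on the interface,
    i.e. the interface owner would ARP for it instead of using a router."""
    network = ipaddress.ip_interface(f"{iface_ip}/{netmask}").network
    return ipaddress.ip_address(peer_ip) in network


def forward_path(fw_ip: str, fw_mask: str, dev_ip: str, dev_mask: str) -> str:
    """Classify a port forward from the firewall's LAN interface to a device.

    'direct'   - both sides see each other as on-link
    'one-way'  - only one side can deliver directly, so traffic flows in
                 one direction and the connection times out
    'no-route' - neither side can deliver directly; a router or a second
                 firewall address in the device's subnet is required
    """
    fw_to_dev = on_link(fw_ip, fw_mask, dev_ip)
    dev_to_fw = on_link(dev_ip, dev_mask, fw_ip)
    if fw_to_dev and dev_to_fw:
        return "direct"
    if fw_to_dev or dev_to_fw:
        return "one-way"
    return "no-route"


FIREWALL = "192.168.0.100"   # from the question
DEVICE = "192.168.1.104"     # forward target seen in the firewall log
WORKING_HOST = "192.168.0.50"  # constructed stand-in for 192.168.0.X

if __name__ == "__main__":
    cases = [
        ("as configured", FIREWALL, "255.255.255.0", DEVICE, "255.255.255.0"),
        ("firewall widened to /16 only", FIREWALL, "255.255.0.0", DEVICE, "255.255.255.0"),
        ("both widened to /16", FIREWALL, "255.255.0.0", DEVICE, "255.255.0.0"),
        ("forward to 192.168.0.x host", FIREWALL, "255.255.255.0", WORKING_HOST, "255.255.255.0"),
    ]
    for label, fw_ip, fw_mask, dev_ip, dev_mask in cases:
        print(f"{label:32s} -> {forward_path(fw_ip, fw_mask, dev_ip, dev_mask)}")
```

The check covers direct layer-2 delivery only; a router between the two subnets, which the answer asks about, would change the result for the "no-route" case.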