Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: Firebrick Port Mapping Problem  (Read 1414 times)

vic0239

  • Reg Member
  • ***
  • Posts: 519
Firebrick Port Mapping Problem
« on: July 08, 2016, 06:34:44 PM »

I am having complete failure mapping the ports (5000-5001) for my Synology DiskStation. Using the diagnostics firewall check it appears to show the rule working, but in practice I can’t access the server externally. I had no issues with my DrayTek router which the Firebrick replaced. Has any Firebrick owner setup similar port mapping in the firewall objects who could share? This is my latest attempt.

Many thanks. 

Code: [Select]
<rule-set name="Firewall: LAN"
           target-interface="LAN1"
           no-match-action="reject"
           comment="Default firewall rule for traffic to LAN">
  <rule name="Allow Firebrick"
        source-interface="self"
        comment="Allow all from the FireBrick to LAN"/>
  <rule name="Synology DiskStation"
        source-port="5000-5001"
        source-interface="WAN1 WAN2 pppoe indirect"
        target-port="5000-5001"
        protocol="6"
        set-nat="true"
        set-target-ip="192.168.1.52"
        action="accept"/>
 </rule-set>
Logged
Lothian Broadband 900/900 + AAISP VDSL, Vigor2865Vac, MikroTik rb260gsp, ZyXel NWA50AX WiFi AP.

d2d4j

  • Kitizen
  • ****
  • Posts: 1103
Re: Firebrick Port Mapping Problem
« Reply #1 on: July 08, 2016, 06:55:14 PM »

Hi vic0239

Just a thought, have you opened the port in the firewall.

Your mapping looks ok from a quick look

Sorry I don't use firebrick but weaver is very knowledgable and uses firebrick

Many thanks

John
Logged

vic0239

  • Reg Member
  • ***
  • Posts: 519
Re: Firebrick Port Mapping Problem
« Reply #2 on: July 09, 2016, 12:20:44 PM »

Thanks for your reply, John.

After delving deeper into the user guide and a bit of trial and error I have succeeded!  :) I think I was adding too many selection criteria to my rule and it was being skipped. Turns out to be pretty simple really.  ::)

Andy.


Code: [Select]
<rule-set name="Synology"
           no-match-action="continue">
  <rule name="DiskStation"
        target-port="5001"
        protocol="6"
        set-target-ip="192.168.1.52"
        set-target-port="5001"
        action="accept"/>
 </rule-set>
Logged
Lothian Broadband 900/900 + AAISP VDSL, Vigor2865Vac, MikroTik rb260gsp, ZyXel NWA50AX WiFi AP.
 

anything