how to - configure port forwarding using virtual host to access devices on internal network

Upload: asimasim123

Post on 05-Jul-2018


    How To – Configure Port Forwarding using Virtual Host to access devices on Internal network

    Applicable Version: 10.04.0 Build 214, 304, 311, 338

    Overview

    This article demonstrates the steps to configure Cyberoam to provide access to internal resources using a virtual host.

    Virtual host implementation is based on the Destination NAT concept of older versions of Cyberoam.

    Virtual Host maps services of a public IP address to services of a host in a private network. In other words, it is a mapping of a public IP address to an internal IP address. This virtual host is used as the Destination address to access an internal or DMZ server.

    A Virtual host can be a single IP address, an IP address range or the Cyberoam interface itself. Cyberoam will automatically respond to the ARP request received on the WAN zone for the external IP address of the Virtual host.

    Cyberoam allows Port Forwarding for Virtual Hosts. Additionally, Cyberoam allows configuring a Port List for the virtual host. The ports within the list can be comma separated. It can be mapped against a Port List or a Port. Further, a Port Range can now also be mapped against a single port. This creates a one-to-one mapping or a many-to-one mapping between the external port and the mapped port.

    Example:

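    | Port Forwarding Type (External Port Type to Mapped Port Type) | External Ports     | Mapped Ports       |
    |---------------------------------------------------------------|--------------------|--------------------|
    | Port List to Port List                                        | 22, 24, 26, 28, 30 | 42, 44, 46, 48, 50 |
    | Port List to a Port                                           | 22, 24, 26, 28, 30 | 20                 |
    | Port Range to a Port                                          | 21 - 26            | 28                 |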

    In case of Port List to Port List mapping, the number of ports must be the same for both External Ports and Mapped Ports. A request received on the first external port is redirected to the first mapped port, a request received on the second external port is redirected to the second mapped port, and so on. From the example above, for the Port List to Port List type of configuration, any request received for external ports 22, 24, 26, 28, 30 will be forwarded respectively to mapped ports 42, 44, 46, 48, 50.

    Note: For a single virtual host, a maximum of 16 ports can be configured in a Port List.

    All the ports within a Port List support a single protocol, that is, either TCP or UDP as per the configuration. A combination of both of these protocols within a Port List is not allowed.
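
    The mapping rules above can be checked before they are entered in the Web Admin Console. The following is an added example, not Cyberoam code: the function names, the type labels and the choice of TCP for the table rows are assumptions made for illustration.

```python
# Added example; names are illustrative, not Cyberoam identifiers.
MAX_PORT_LIST = 16  # page note: at most 16 ports in a Port List
FWD_TYPES = ("list_to_list", "list_to_port", "range_to_port")


def _check_ports(ports, unique=False):
    for p in ports:
        if not isinstance(p, int) or not 1 <= p <= 65535:
            raise ValueError(f"invalid port: {p!r}")
    if unique and len(set(ports)) != len(ports):
        raise ValueError("duplicate external port")


def build_mapping(fwd_type, external, mapped, protocol):
    """Return {(protocol, external_port): mapped_port} for one virtual host.

    external: list of ports, or a (first, last) tuple for range_to_port
    mapped:   list of ports for list_to_list, otherwise a single port
    """
    if fwd_type not in FWD_TYPES:
        raise ValueError(f"unknown forwarding type: {fwd_type}")
    if protocol not in ("tcp", "udp"):
        raise ValueError("a Port List is either TCP or UDP, never both")
    if fwd_type == "range_to_port":
        first, last = external
        ext = list(range(first, last + 1))
        if not ext:
            raise ValueError("empty port range")
    else:
        ext = list(external)
        if not 1 <= len(ext) <= MAX_PORT_LIST:
            raise ValueError(f"Port List needs 1 to {MAX_PORT_LIST} ports")
    _check_ports(ext, unique=True)
    if fwd_type == "list_to_list":
        targets = list(mapped)
        if len(targets) != len(ext):
            raise ValueError("External and Mapped Port Lists differ in size")
    else:
        targets = [mapped] * len(ext)
    _check_ports(targets)
    return {(protocol, e): m for e, m in zip(ext, targets)}


def forward(mapping, protocol, port):
    """Mapped port for an inbound packet, or None when nothing matches."""
    return mapping.get((protocol, port))


# The three rows of the example table above (TCP is assumed here).
LIST_TO_LIST = build_mapping("list_to_list", [22, 24, 26, 28, 30], [42, 44, 46, 48, 50], "tcp")
LIST_TO_PORT = build_mapping("list_to_port", [22, 24, 26, 28, 30], 20, "tcp")
RANGE_TO_PORT = build_mapping("range_to_port", (21, 26), 28, "tcp")
```

    The keys of each returned mapping are exactly the protocol and external port pairs the virtual host exposes, which is the list to compare against the services allowed in the firewall rule.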

    Scenario

    Throughout the article we will use the network parameters shown in the network diagram given below. Outbound traffic from LAN and DMZ is allowed while inbound traffic is restricted. The Web Server is hosted in the DMZ.


    | Network components | External IP address (Public) | IP address (Internal) |
    |--------------------|------------------------------|-----------------------|
    | Web server         | 1.1.1.1                      | 192.168.1.2 (Mapped)  |

    For virtual hosts:

    External IP: IP address through which Internet users access the internal server.
    Mapped IP: IP address bound to the internal server.

    [Network diagram: User over WAN; Cyberoam WAN IP 1.1.1.1; LAN 191.168.2.0/24; DMZ 192.168.1.0/24; Cyberoam LAN IP 192.168.1.1/24; Web Server 192.168.1.2/24]

    Configuration

    You must be logged on to the Web Admin Console as an administrator with Read-Write permission for relevant feature(s).

    Step 1: Create Virtual Host for Web server

    Go to Firewall > Virtual Host > Virtual Host and click Add to add a virtual host for Web Server with the parameters as specified in the table below.

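    | Parameters     | Value     | Description                                               |
    |----------------|-----------|-----------------------------------------------------------|
    | Basic Settings |           |                                                           |
    | Name           | WebServer | Specify a name to identify the host                       |
    | IP Family      | IPv4      | Select the IP Family. Available Options: IPv4, IPv6       |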


    Click OK and the Virtual Host for Web_Server will be added successfully.

    On clicking OK, the Add Firewall Rules For Virtual Host screen appears, which allows you to create firewall rules to allow access to Web_Server from other zones such as the WAN zone.

    Enable Add Firewall Rule(s) For Virtual Host and set rule parameters as desired.

    Click Add Rule(s) to add the firewall rule.

    Note:

    - In the given example, Virtual Host configuration for Web Server is shown. Virtual Host for other servers like Mail Server, FTP Server or Database Server can be created similarly.


    - While adding the Firewall Rule for the Virtual Host, it is recommended to allow only the required services corresponding to the Server for security of the hosted server.

    Step 3: Verify Firewall Rule(s)

    To verify the Firewall Rules, go to Firewall > Rule > IPv4 Rule. Click to expand the DMZ – DMZ, DMZ – WAN and WAN – DMZ firewall rules. Three firewall rules are created for the virtual host of Web Server, as shown in the image below.

    1. Auto: Allows traffic from WAN to Server.
    2. Reflexive: Ensures that traffic from Server to WAN is NATted.
    3. Loopback: Allows access to server from the same zone, LAN or DMZ, in which Server is placed.

    Document Version 2.0 – 09 February, 2015