You need to add 1.1.1.67 to the WAN interface on the ISP facing router. Src-address=10.20.0.253 to-addresses=1.1.1.67Īdd action=masquerade chain=srcnat comment=\ĭisabled=no dst-address=10.20.0.253 out-interface=ether4-P2P src-address=\Īdd action=masquerade chain=srcnat comment="Main Outgoing NAT" disabled=no \ No dst-address=1.1.1.67 to-addresses=10.20.0.253Īdd action=src-nat chain=srcnat comment="Src NAT for Web Server" disabled=no \ "Block General Routing From Gateway to Internal IP Addresses" \Ĭonnection-state=new disabled=no in-interface=ether1-GatewayĪdd action=drop chain=input comment="Block Outside Web Access" \Ĭonnection-state=new disabled=no dst-port=80 in-interface=ether1-Gateway \Īdd action=dst-nat chain=dstnat comment="Dest NAT for Web Server" disabled=\ Tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10sĪdd action=accept chain=forward comment="General Outgoing Access to Gateway" \Īdd action=accept chain=forward comment="Grant Access to Web Server" \ Tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \ Tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \ Tcp-close-wait-timeout=10s tcp-established-timeout=1d \ Set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \ Code: Select all /ip firewall connection tracking
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |