Are multiple port forwarding connections over the same port possible
CompletedIn our lab we have a server exposed to the internet with three ports forwarded by our Gold to the server (2211, 2212, 2213).
The server is running VirtualBox with three RedHat Enterprise Linux VMs. (192.168.1.211; 192.168.1.212; and 192.168.1.213). From the LAN we can connect all the SSH connections we want to any of the three virtual RHEL servers. This shows that the port forwarding on VirtualBox is all correctly set up.
There are times when we attempt to establish multiple internet connections and we get a Network error: Connection refused. or other failure message.
How can we see why this is being blocked after a single connection is already established? The logs are a bit wonky to find the internet traffic that is being forwarded (or should be forwarded).
Here is a diagram of our network.
The other maddening situation is that the Gold doesn't see the VMs consistently. On boot it typically does but after a while it shows them offline - even when they can be pinged. They all have unique IP and MAC addresses.
Any ideas on that too?
The servers are very much up and running ....
... yet being reported offline.
-
This is the king of problem I am trying to tell Firewalla. I think they should have a way to have port forwarding to IP disregarding the MAC address. If they gave you a way to type the ip i am pretty sure the firewalla would be able to make the iptable and connect to that host without the the need of macadress
-
Yes! this is good to heard that from another person. I have a huge problem right now because of this and I am trying to get the staff understand the problem and I feel like they don't know how important this is.... Anyway, I don't think they will fix this any soon which is very sad because I ended up liking the firewalla Gold a lot but right now I just need my network back working. I' returning it... :(
-
Oh Same price. I just have 5 days with it. I have spent all this time trying to get the Firewalla Gold to port forward to an ip not an mac address (like a normal router) because I have a load balancer running from 3 nodes... I don't think you want mine for the same price... I am just gonna return it to them
-
@Chris. Exactly why I need a firewall. Before I had the firewalla I had Crowdsec running on my cluster and it detect all that. This is why I ended up buying the Firewalla Gold for an extra security layer but now I am not even able to run my services on the internet because the Firewalla is not able to port forward to my cluster... Anyway, right now I am running pfsense on a VM and checking it out, hoping that Firewalla release support before returning it... :(
-
This feature will be supported in the 1.50 early access release within the next few days. It will be updated here once released: https://help.firewalla.com/hc/en-us/articles/4554420886163
Please watch out for the news and we are looking forward to hearing your feedback.
-
@Ricardo
Sorry for waiting.
We just made an update to 1.50, please have a try.
For documentation, please search "port forwarding" in this release notes file:
Please sign in to leave a comment.
Comments
22 comments