Port forwarding on Netgate dual WAN, multiple LAN and VLAN

I am really scratching my head on what is wrong here…

We have a Netgate with dual WAN and dual LAN ports on SFP+

One WAN and one LAN were set up first, then the other two were added with the same settings as the first two.

WAN1 is the default WAN on the firewall. All VLANs use it and things seem to work well so far.

WAN2 is only for LAN2. I added a firewall rule that makes sure all traffic from LAN2 goes out using WAN2.

But I also need to connect in to a server on the inside of LAN2. A subdomain has been set up (both WANs have fixed IPs).

I have set up a port forward under NAT, which in turn created rules for WAN2. But I am not able to get any response from the server on the inside.

Is there a way to log to see any attempt from a certain external IP address, to try to debug this?

Go to:
Diagnostics > Packet Capture

First start with WAN2 as the interface and add the forwarded port, which should be listening on the WAN2 side.

Change count to 0 and run.

You can either use Wireshark to look at the captured traffic afterwards, or it may already be enough for your purpose to set Level of detail to high.

This will show you what comes in and where it goes. If you see the traffic here, change the capture interface to LAN2 and see if the packets show up there as well.

Thank you. It showed me some strange results…

First of all - I tried changing the default WAN Gateway under Routing, and the forward to the most critical server now works.
BUT - I now have a problem with getting through on the WAN that is not default.

So I am wondering if I am doing something wrong with the port forwarding rules.

Another strange thing: I can ping the default WAN, but not the secondary WAN.

I did a very basic capture, and it shows

Time, the IP of the PC running FileZilla with a port that is NOT 21, then the public IP of the WAN with port 21, and then it says tcp and 0.
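The capture-on-WAN2-then-capture-on-LAN2 procedure from the reply above, applied to the kind of "tcp 0" lines the last post describes, as an added example (my own code, not posted by anyone in the thread and not part of pfSense). It parses the compact tcpdump text the capture page produces, compares what arrived on WAN2 with what appeared on LAN2, and names the first hop where the forwarded flow stops: nothing on WAN2 at all, arrived on WAN2 but never translated to LAN2, translated but the server never answered, or answered on LAN2 but the answer never left via WAN2. The addresses, port, and capture lines are constructed; the line format assumed is tcpdump's `-q` style (`<time> IP <src>.<sport> > <dst>.<dport>: tcp <len>`), which is what "the public IP of the WAN with port 21, and then tcp and 0" matches.

```python
"""Classify a failing port forward from two pfSense packet captures.

Added example, not from the forum thread. Both captures below are constructed
sample data in tcpdump -q form; on the firewall itself the same text comes from
Diagnostics > Packet Capture, or from the shell with something like
`tcpdump -ni <wan2_if> -q tcp port 21` (interface name is an assumption).
"""
import re
from dataclasses import dataclass

# One tcpdump -q line: "<time> IP <src>.<sport> > <dst>.<dport>: tcp <len>"
LINE_RE = re.compile(
    r"^(?P<time>\S+) IP (?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): tcp (?P<length>\d+)"
)

# Constructed addresses for the scenario in the thread (assumptions, not real).
CLIENT_IP = "203.0.113.50"   # the PC running the FTP client
WAN2_IP = "198.51.100.2"     # fixed public IP on WAN2
SERVER_IP = "10.20.0.10"     # the FTP server inside LAN2
PORT = 21

# Constructed WAN2 capture: the client retries its connection, nothing comes back.
WAN2_CAPTURE = """\
13:05:01.100001 IP 203.0.113.50.53411 > 198.51.100.2.21: tcp 0
13:05:02.100002 IP 203.0.113.50.53411 > 198.51.100.2.21: tcp 0
13:05:04.100003 IP 203.0.113.50.53411 > 198.51.100.2.21: tcp 0
"""

# Constructed LAN2 capture: the forward translated the destination and the
# server answered, so the reply must have left the firewall on another interface.
LAN2_CAPTURE = """\
13:05:01.100101 IP 203.0.113.50.53411 > 10.20.0.10.21: tcp 0
13:05:01.100402 IP 10.20.0.10.21 > 203.0.113.50.53411: tcp 0
"""


@dataclass(frozen=True)
class Packet:
    time: str
    src: str
    sport: int
    dst: str
    dport: int
    length: int


def parse_capture(text: str) -> list[Packet]:
    """Return the TCP packets in a block of tcpdump output; other lines are skipped."""
    packets = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            packets.append(Packet(m["time"], m["src"], int(m["sport"]),
                                  m["dst"], int(m["dport"]), int(m["length"])))
    return packets


def diagnose(wan_pkts: list[Packet], lan_pkts: list[Packet],
             client_ip: str, wan_ip: str, server_ip: str, port: int) -> str:
    """Follow the flow hop by hop and return a label for the first hop where it stops."""
    # 1. Did the client's packets reach the WAN2 interface at all?
    wan_in = [p for p in wan_pkts
              if p.src == client_ip and p.dst == wan_ip and p.dport == port]
    if not wan_in:
        return "no-traffic-on-wan2"      # DNS / upstream routing, not the forward
    # 2. Were they translated and sent into LAN2 (destination is now the server)?
    lan_in = [p for p in lan_pkts
              if p.src == client_ip and p.dst == server_ip and p.dport == port]
    if not lan_in:
        return "not-forwarded"           # NAT rule or its WAN2 firewall rule not matching
    # 3. Did the server answer on LAN2 (source port is the forwarded port)?
    lan_reply = [p for p in lan_pkts
                 if p.src == server_ip and p.sport == port and p.dst == client_ip]
    if not lan_reply:
        return "server-silent"           # server down, wrong port, or host firewall
    # 4. Did the answer go back out through WAN2 with the public address?
    wan_reply = [p for p in wan_pkts
                 if p.src == wan_ip and p.sport == port and p.dst == client_ip]
    if not wan_reply:
        return "reply-left-elsewhere"    # reply took another WAN (asymmetric return path)
    return "ok"


def run_example() -> str:
    """Diagnose the constructed captures above."""
    return diagnose(parse_capture(WAN2_CAPTURE), parse_capture(LAN2_CAPTURE),
                    CLIENT_IP, WAN2_IP, SERVER_IP, PORT)


if __name__ == "__main__":
    print(run_example())
```

With the constructed captures the result is `reply-left-elsewhere`: the WAN2 capture shows only the client's repeated attempts, while LAN2 shows both the translated request and the server's answer, so the answer is being routed out of a different interface. That is the case to check first on a two-WAN box where the forward is on the non-default WAN, because pfSense keeps replies on the interface they arrived on only through the reply-to setting on the WAN rule that passed them; the other three labels point at the forward rule itself, at the server, or at traffic never reaching WAN2 in the first place.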