Answer the question
In order to leave comments, you need to log in
G
G
gudron2016-05-12 21:04:39
gudron, 2016-05-12 21:04:39
VyOS. How to forward external IPs to internal ones in the local network?
Good day to all.
I figured out how to work in VyOS. Configured interfaces, configured the main gateway, configured users. There are no problems with this ..
There is a problem with forwarding everything that comes to several external IPs to how internal they are. At the moment, it is necessary to forward essentially One-to-One. That is, everything coming, for example, to 120.13.123.123, should be forwarded inside to the local address 10.0.100.3.
If closer to the body, then we have the following:
Interface IP Address S/L Description
--------- ---------- --- -----------
eth0 120.13.123.20/24 u/u MAIN-WAN
eth1 10.0.101.2/24 u/u LAN
eth2 120.13.123.123/24 u/u TEST-1-WAN
eth3 120.13.123.124/24 u/u TEST-2-WANI want everything coming to eth2 (120.13.123.123) to be forwarded to the local network through eth1 to the local address (10.0.100.3).
What I am currently doing is forwarding to One-to-One, following the example from Off. guide and just some article on the internet .
set nat source rule 10 source address 10.0.100.3
set nat source rule 10 outbound-interface eth1
set nat source rule 10 translation address 120.13.123.123
set nat destination rule 10 inbound-interface eth2
set nat destination rule 10 destination address 120.13.123.123
set nat destination rule 10 translation address 10.0.100.3But unfortunately it doesn't work. Ping does not work, telnet too, in general, it is impossible to reach the end machine on the local network.
Thanks in advance.
2 answer(s)
@gudron
Here VyOS changes eth0/eth2 on its own, regardless of any settings:
Code:
Everything I set up just lays on top of the table. but this route does not cancel.
The casket opened terribly simply. Tritely tied several external ip to one network interface.
I came up with the same question but on another forum .
@satoo
G
gudron, 2016-05-16 @gudron
It clears things up a bit.
There is a problem through which interface VyOs gives a response to ping and so on.
That is, the ping comes where it is needed, let's say on
eth3 120.13.123.124/24 u / u TEST-2-WAN
but the answer goes through another interface in my case it is eth3, and therefore through eth2 120.13.123.123/24 u / u TEST-1- WAN.
VyOs is extremely strange and chooses this interface on its own.
If I disable the eth2 and eth3 network adapters in the VM settings, then VyOS communicates normally via
eth0 120.13.123.20/24 u/u MAIN-WAN
If I enable eth2 and eth3 again in the VM settings, then VyOS selects eth2 on its own.
I just can’t overcome the line that always remains in the routes table:
default via 120.13.123.254 dev eth2 proto zebra
10.0.101.0/24 dev eth1 proto kernel scope link src 10.0.101.2
127.0.0.0/8 dev lo proto kernel scope link src 127.0.0.1
120.13.123.0/24 dev eth2 proto kernel scope link src 120.13.123.123
120.13.123.0/24 dev eth0 proto kernel scope link src 120.13.123.20
120.13.123.0/24 dev eth3 proto kernel scope link src 120.13.123.124Here VyOS changes eth0/eth2 on its own, regardless of any settings:
Code:
Everything I set up just lays on top of the table. but this route does not cancel.
The casket opened terribly simply. Tritely tied several external ip to one network interface.
I came up with the same question but on another forum .
S
satoo, 2016-05-14 @satoo
compare, it looks like an error in the interfaces
set nat source rule 10 source address 10.0.100.3
set nat source rule 10 outbound-interface eth2
set nat source rule 10 translation address 120.13.123.123
set nat destination rule 10 inbound-interface eth2
set nat destination rule 10 destination address 120.13.123.123
set nat destination rule 10 translation address 10.0.100.3
Similar questions
N
V
A
I
S
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question