Добрый день!
Было правило которое публиковало порт на подключении wan1 и правило работало. Попытался опубликовать на DMZ подключении, при попытках подключения извне в логах выдаётся:
Код:
6000051 Default_Access_Rule TCP dmz ruleset_drop_packet drop
Правила публикации:
SAT
Код:
DFL-860E:/> show IPRule 3
Property Value
--------------------- ------------------------------
Index: 3
Name: RDP_SAT
Action: SAT
SourceInterface: any
SourceNetwork: all-nets
DestinationInterface: core
DestinationNetwork: InterfaceAddresses/dmz_ip
Service: Privat_GUI
Schedule: <empty>
SATTranslate: DestinationIP (Destination IP)
SATTranslateToIP: LAN/Server
SATTranslateToPort: 3389
SATAllToOne: No
LogEnabled: Yes
LogSeverity: Default
Comments: <empty>
ALLOW:
Код:
DFL-860E:/> show IPRule 4
Property Value
--------------------- -------------------------
Index: 4
Name: RDP_Allow
Action: Allow
SourceInterface: any
SourceNetwork: all-nets
DestinationInterface: core
DestinationNetwork: InterfaceAddresses/dmz_ip
Service: Privat_GUI
Schedule: <empty>
LogEnabled: Yes
LogSeverity: Default
Comments: <empty>
NAT
Код:
DFL-860E:/> show IPRule 5
Property Value
--------------------- -------------------------------------------
Index: 5
Name: RDP_NAT
Action: NAT
SourceInterface: VLAN_5
SourceNetwork: LAN/Server
DestinationInterface: Uplink
DestinationNetwork: all-nets
Service: all_tcpudpicmp
Schedule: <empty>
NATAction: UseInterfaceAddress (Use interface address)
LogEnabled: Yes
LogSeverity: Default
Comments: <empty>
Правило маршрутизации:
Код:
show RoutingRule 4
Property Value
--------------------- ------------
Index: 4
Name: Server-OUT
ForwardRoutingTable: DMZ
ReturnRoutingTable: DMZ
SourceInterface: VLAN_5
SourceNetwork: LAN/Server
DestinationInterface: wan1
DestinationNetwork: all-nets
Service: all_tcpudp
Schedule: <empty>
LogEnabled: Yes
LogSeverity: Default
Comments: <empty>
Код:
DFL-860E:/> show RoutingRule 3
Property Value
--------------------- ------------
Index: 3
Name: Server-IN
ForwardRoutingTable: DMZ
ReturnRoutingTable: DMZ
SourceInterface: wan1
SourceNetwork: all-nets
DestinationInterface: VLAN_5
DestinationNetwork: LAN/Server
Service: all_tcpudp
Schedule: <empty>
LogEnabled: Yes
LogSeverity: Default
Comments: <empty>