From: Lonnie A. <li...@lo...> - 2022-07-20 15:59:29

Hi David,

Interesting ... yes, as you suggested, setting the NAT EXT->LAN "Source" rule to only the local LAN(s) (ex. 192.168.1.0/24) should be what you need to limit "loopback" to only local IPs for a particular NATed port.

Can't say I ever needed that, but should work. Best to test hitting your external interface from the outside with the associated "loopback" port and make sure it is not allowed in.

Lonnie

> On Jul 20, 2022, at 8:31 AM, David Kerr <da...@ke...> wrote:
>
> Is it possible to configure NAT Loopback on its own... i.e., without opening NAT->LAN for all sources?
>
> I have a problem where my employer's VPN is hijacking DNS so name resolution for my internal hosts is always getting routed to the VPN's supplied DNS which will not resolve to my internal IP address, so traffic is getting sent to my external IP address.
>
> Loopback works, I can set a port number to forward but I don't want to open the firewall port to any external client, only to a client on my internal network.
>
> It looks like I can set Source IP to e.g. 192.168.1.0/24 and that will set up the firewall rules. But is that the best and/or safe way to do it?
>
> Thanks
> David
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
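
Added example, not part of the original messages and not AstLinux's own code: a rule-set check to run alongside the outside test discussed in this thread, reporting which forwarded ports have a DNAT rule whose source match is not confined to the LAN. The rules, addresses and ports are constructed samples in generic `iptables-save` syntax; the layout of the rules AstLinux actually generates is not assumed.

```python
import ipaddress
import shlex

# Constructed sample in iptables-save syntax (not output from an AstLinux box).
# 203.0.113.10 stands in for the external IP; ports and hosts are made up.
SAMPLE_RULES = """\
*nat
-A PREROUTING -s 192.168.1.0/24 -d 203.0.113.10/32 -p tcp -m tcp --dport 8443 -j DNAT --to-destination 192.168.1.20:443
-A PREROUTING -d 203.0.113.10/32 -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.168.1.30:80
-A PREROUTING -s 0.0.0.0/0 -d 203.0.113.10/32 -p tcp -m tcp --dport 2222 -j DNAT --to-destination 192.168.1.40:22
-A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE
COMMIT
"""


def option(tokens, name):
    """Return the value following option `name`, or None if absent."""
    return tokens[tokens.index(name) + 1] if name in tokens else None


def audit_dnat(rules_text, lan_cidrs):
    """Map each forwarded port to 'lan-only' or 'open' based on the -s match."""
    lans = [ipaddress.ip_network(c) for c in lan_cidrs]
    result = {}
    for line in rules_text.splitlines():
        tokens = shlex.split(line)
        if option(tokens, "-j") != "DNAT":
            continue
        port = option(tokens, "--dport")
        src = option(tokens, "-s")
        if "!" in tokens:  # negated matches are not interpreted; treat as open
            src = None
        net = ipaddress.ip_network(src, strict=False) if src else None
        ok = net is not None and any(net.subnet_of(lan) for lan in lans)
        # One unrestricted rule for a port is enough to expose it.
        if result.get(port) != "open":
            result[port] = "lan-only" if ok else "open"
    return result


if __name__ == "__main__":
    for port, state in audit_dnat(SAMPLE_RULES, ["192.168.1.0/24"]).items():
        print(port, state)
```

A port reported as `lan-only` here still needs the outside connection test, since other chains can accept the traffic.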