Re: windows 2k3: inbound static mapping does not work (long, with example)

Tech-Archive recommends: Fix windows errors by optimizing your registry

---

• From: "Bill Grant" <not.available@online>
• Date: Thu, 14 Feb 2008 09:32:48 +1100

---

If you have a pool of public addresses, I cannot think why you are trying to use port forwarding. I would simply map one public IP from the pool to each machines on the LAN.

As you have said, using this method (called Reservations in RRAS) works if you map 207.46.10.3 to 192.168.0.20 . Why can't you map 207.46.10.4 to the private IP of the other server on the LAN?

"Giuseppina Longobardi" <giusyuscorelongobardiuscore88@xxxxxxxxx> wrote in message news:OdmfRFkbIHA.4172@xxxxxxxxxxxxxxxxxxxxxxx

Hi,
after two weeks spent googling and testing I ask for your help: you guru of
win2k3 networking :)

I want to NAT a public Address/Port to a private Address/Port using win2k3
Routing And Remote Access (a quite simple task) so I set up this test
enviroment:

Let's imagine I was given this public ip address range: 207.46.10.1/255.255.255.248(example address: don't know whom this address belongs to).

1st box (win2k3 server std edition w SP2) The NAT/Router :
- NIC a: 192.168.0.1 (private)
- NIC b: 207.46.10.2 (public)

2nd box (win2k3 server std edition w SP2) Running some custom apps
- NIC a: 192.168.0.20 (GateWay 192.168.0.1)
# custom application listening on TCP port 7020
# custom application listening on TCP port 7021

3nd box (win2k3 server std edition w SP2) Running some custom apps
- NIC a: 192.168.0.30 (GateWay 192.168.0.1)
# custom application listening on TCP port 7030
# custom application listening on TCP port 7031

All I need to be happy is allow any remote client to connect to box 2 on port 7020, 7021 and box 3 on port 7030, 7031.
So I digged into RRAS (IP Routing -> Nat/Basic Firewall -> [Public Interface] -> Properties -> Services and Ports -> Add)
and configured this 5ples:

Public Addr: on this address pool entry 207.46.10.3
Protocol: TCP
Incoming Port: 7020
Private Address: 192.168.0.20
Private Address 7020

Did the same for PubblicIP:Port -> PrivateIP:Port
207.46.10.4:7021 ->192.168.0.20:7021
207.46.10.3:7030 ->192.168.0.30:7030
207.46.10.4:7031 ->192.168.0.30:7031

Of course I configured RRAS (IP Routing -> Nat/Basic Firewall -> [Public Interface] -> Properties -> Address Pool) whith the given address range:
Start Address 207.46.10.1
Mask 255.255.255.248
End Address 207.46.10.7

In such a scenario clients fail to connect to any box because of TimeOut.
This is unexplicable to me:
from a box connected to internet (adsl modem no router/firewall) if I try to telnet 207.46.10.3 7020 I get a connection error after 15 sec
else if i try to telnet a not-natted port (example 207.46.10.3 666) I get a connection error within 2 sec.
As Far as I understand NAT server accepts incoming calls but something goes wrong while forwarding packets

If I add a reservation (example: Public IP 207.46.10.3 reserved to Private IP 192.168.0.20) remote clients are enabled to reach 2nd box but I have two problems:
1) cannot use public IP 207.46.10.3:7030 to reach 3rd box
2) 2nd box is totally accessible from internet (ok: I can manage this with a firewall or Inbound/Outbound filters)

Additional Info:
- No packet Filter configured
- UnChecked IP Routing -> Nat/Basic Firewall -> [Public Interface] -> Properties -> Enable a Basic Firewall

Beg your pardon for my bad english: pls ask for further detail if my example isn't clear.

Thank you in advance for your attention and your time :)

Giusy

.

---

• Follow-Ups:
  • Re: windows 2k3: inbound static mapping does not work (long, with example)
    • From: Giuseppina Longobardi

• References:
  • windows 2k3: inbound static mapping does not work (long, with example)
    • From: Giuseppina Longobardi

• Prev by Date: Re: remote desktop timing out. Help!
• Next by Date: Re: remote desktop timing out. Help!
• Previous by thread: windows 2k3: inbound static mapping does not work (long, with example)
• Next by thread: Re: windows 2k3: inbound static mapping does not work (long, with example)
• Index(es):
  • Date
  • Thread

---

Relevant Pages RE: Web service test page uses internal port ... Currently it seems ASP.NET webservice handler has done the http GET/POST ... get is using a custom test page to invoke the webservice via http GET/POST. ... could still develop using custom port numbers. ... Public Overloads Overrides Sub ReflectDescription() ... (microsoft.public.dotnet.framework.aspnet.webservices) Re: Remote Web Desktop Problems - Router Probs? ... Second the IIS port should be redirected to private TCP Port 2121 through ... the router not TCP Port 3389. ... Created a static IP address in control panel equal to my Private IP ... (microsoft.public.windowsxp.work_remotely) Re: using BTS with my object model ... Once the custom object is defined and compiled, ... promoting some field and receive it into an orchestration that uses the ... above xsd schema into the port and then into the orchestration ... extracting the xsd from the dll and referencing it into the port and ... (microsoft.public.biztalk.general) Re: Update utility ... >> However, once you use a source based update method, the port will not work ... since your installation will consist of custom binaries that do ... > if rebooting is needed. ... (freebsd-questions) RE: Web service test page uses internal port ... I was able to fix this issue by copying the DefaultWsdlHelpGenerator.aspx ... line of code to remove the port from the test page when it was posted to ... could still develop using custom port numbers. ... Public Overloads Overrides Sub ReflectDescription() ... (microsoft.public.dotnet.framework.aspnet.webservices)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.networking  > 2008-02