DNAT for local network

sebad · March 7, 2019, 10:55am

Hello everyone,

My configuration:
10.1.0.0/24 - Local network [eth0.777]
10.1.0.118 - DNS server
87.x.x.x - Public IP [eth1]

I have configured destination nat for my DNS like below:
rule 102 {
description DNS
destination {
address 87.x.x.x
port 53
}
inbound-interface eth0.777
protocol tcp_udp
translation {
address 10.1.0.118
}
}

Everything is working properly, but only from public network. I cannot access my DNS server (via public IP) from Local Network. Changing inbound-interface from eth0.777 to any not working

merijn · March 7, 2019, 12:47pm

Inbound-interface should be eth1.
And to access from the local network on the public IP you need hairpin NAT.
VyOS User Guide — VyOS 1.3.x (equuleus) documentation - look under NAT Reflection.

sebad · March 7, 2019, 1:22pm

Thank you so much. Works flawlessly

system · March 9, 2019, 1:22pm

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.