Hi, we set up an RRAS server on Windows Server 2012. Right now it connects successfully on the LAN, the domain, and the sub-domains connected to the main network; however, when we try to connect via the internet, clients can't reach the RRAS server. On our VyOS router we allow 1723, 1701, 500, 4500, GRE and ESP, and NAT them. On the RRAS server, IPv4 NAT is showing mappings, but it won't connect. TIA
eth1 -> interface to internet
eth0 -> to our private network
Our configuration(firewall, interface and nat):
/* Firewall section as pasted: accept rules for the VPN protocols named in the
   post (1723, GRE, 1701, 4500, 500, ESP). Brace nesting below is the poster's
   paste and is not balanced. */
firewall {
/* NOTE(review): the WAN_IN ruleset opens and closes on the next two lines, so
   as pasted every rule below sits outside it. Probably a paste artifact; confirm
   against the running config. No default-action is shown for WAN_IN. */
name WAN_IN {
}
/* NOTE(review): none of the rules below restricts the destination address, so
   each one accepts its protocol towards any host reached through this ruleset.
   Consider limiting each rule to the RRAS server; on VyOS the "in" ruleset is
   evaluated after destination NAT, so that would be the translated (internal)
   address. Verify for the version in use. */
/* Rule 10: port 1723. The PPTP control channel uses TCP only, so tcp_udp is
   wider than needed. PPTP with MS-CHAPv2 is considered cryptographically weak;
   if L2TP/IPsec is the intended VPN, rules 10 and 11 may be unnecessary. */
rule 10 {
action accept
destination {
port 1723
}
protocol tcp_udp
state {
established enable
new enable
related enable
}
}
/* Rule 11: GRE, which carries the PPTP data channel. */
rule 11 {
action accept
protocol gre
state {
established enable
new enable
related enable
}
}
/* Rule 12: port 1701 (L2TP, UDP). With L2TP/IPsec the L2TP traffic normally
   arrives inside ESP or UDP 4500, so opening 1701 from the internet may also
   admit unprotected L2TP. TODO confirm whether this rule is required. */
rule 12 {
action accept
destination {
port 1701
}
protocol tcp_udp
state {
established enable
new enable
related enable
}
}
/* Rule 13: port 4500 (IPsec NAT-T, UDP). The closing braces for the state block
   and the rule are missing in the paste. */
rule 13 {
action accept
destination {
port 4500
}
protocol tcp_udp
state {
established enable
new enable
related enable
/* NOTE(review): second rule numbered 12, reusing the number of the 1701 rule
   above. Port 500 is IKE (UDP). Closing braces are missing here as well. */
rule 12 {
action accept
destination {
port 500
}
protocol tcp_udp
state {
established enable
new enable
related enable
/* NOTE(review): ESP is IP protocol 50 and has no port numbers, so a tcp_udp
   port match cannot match ESP traffic. NAT rule 5 further down uses
   "protocol esp"; this rule presumably needs the same form. */
rule 14 {
action accept
destination {
port esp
}
protocol tcp_udp
state {
established enable
new enable
related enable
}
}
/* Interface section as pasted. Per the post, eth0 faces the private network
   and eth1 faces the internet. */
interfaces {
/* eth0: LAN side, 10.0.0.x/24 (address redacted by the poster). */
ethernet eth0 {
address 10.0.0.x/24
duplex auto
smp_affinity auto
speed auto
}
/* eth1: WAN side. Two address lines are shown; both are redacted, so it cannot
   be seen whether they are distinct public addresses. */
ethernet eth1 {
address <our_public_ip_address>
address <our_public_ip_address>
duplex auto
/* "in" attaches WAN_IN to traffic forwarded through the router from eth1;
   "local" attaches WAN_LOCAL to traffic addressed to the router itself.
   NOTE(review): WAN_LOCAL is referenced here but is not defined in the posted
   firewall section. Confirm it exists and what its default action is. */
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
/* The closing braces for eth1 and for interfaces are missing in the paste. */
nat {
destination {
/* Destination NAT rules 3-8: forward the VPN protocols arriving on eth1 for
   the public address to the internal host 10.0.2.x.
   NOTE(review): eth0 is shown as 10.0.0.x/24, so 10.0.2.x is not on a directly
   connected subnet in the posted config. Presumably a route to it exists, and
   the RRAS server returns traffic via this router. Confirm both.
   NOTE(review): everything forwarded here is exposed to the internet, so keep
   only the rules for the VPN type actually in use. */
/* Rule 3: port 500 (IKE). IKE uses UDP, so tcp_udp is wider than needed. */
rule 3 {
destination {
address <pub_ip>
port 500
}
inbound-interface eth1
protocol tcp_udp
translation {
address 10.0.2.x
port 500
}
}
/* Rule 4: port 4500 (IPsec NAT-T, UDP). */
rule 4 {
destination {
address <pub_ip>
port 4500
}
inbound-interface eth1
protocol tcp_udp
translation {
address 10.0.2.x
port 4500
}
}
/* Rule 5: ESP (IP protocol 50), matched by protocol only because ESP has no
   ports. */
rule 5 {
destination {
address <pub_ip>
}
inbound-interface eth1
protocol esp
translation {
address 10.0.2.x
}
}
/* Rule 6: port 1723 (PPTP control channel, TCP). */
rule 6 {
destination {
address <pub_ip>
port 1723
}
inbound-interface eth1
protocol tcp_udp
translation {
address 10.0.2.x
port 1723
}
}
/* Rule 7: GRE (PPTP data channel), matched by protocol only. */
rule 7 {
destination {
address <pub_ip>
}
inbound-interface eth1
protocol gre
translation {
address 10.0.2.x
}
}
/* Rule 8: port 1701 (L2TP, UDP). The placeholder here is <public_ip> rather
   than <pub_ip>; presumably the same address. Confirm. */
rule 8 {
destination {
address <public_ip>
port 1701
}
inbound-interface eth1
protocol tcp_udp
translation {
address 10.0.2.x
port 1701
}
}
source {
/* Source NAT rule 10: traffic from 10.0.2.x/26 leaving through eth1 is
   rewritten to the public address.
   NOTE(review): the /26 here differs from the 10.0.0.x/24 shown on eth0.
   Confirm that the RRAS server's address falls inside this range, so that its
   replies leave with the same public address the clients connected to. */
rule 10 {
outbound-interface eth1
source {
address 10.0.2.x/26
}
translation {
address <pub_ip>
}
}