port forwarding issue
Hi,
I have an issue with port forwarding to a host that is in a remote VPN site.
We have Site A, which is behind a SonicWall NSA3650, and Site B, which is an AWS VPC. There is a site-to-site VPN between Site A and B and all traffic is allowed.
Now we would like to access port 443 on a host that is on a private subnet (that has an internet connection) from one of the public IPs of Site A.
I have created an Object access for the host in Site B and also created an Object address for one of the public addresses of Site A on the SonicWall.
This is my access rule and NAT policy, but when I try to access port 443 from the internet, it gets dropped.
What am I missing here?
nat policy
*Packet number: 759*
Header Values:
Bytes captured: 66, Actual Bytes on the wire: 66
Packet Info(Time:09/01/2021 13:10:13.576):
in:X1*(interface), out:--, DROPPED, Drop Code: 734(Packet dropped - drop bounce same link pkt), Module Id: 25(network), (Ref.Id: _2122_iboemfCpvodfUsbggjd), 1:2)
Ethernet Header
Ether Type: IP(0x800), Src=[00:08:e3:ff:fc:14], Dst=[2e:b8:ed:2f:0c:01]
IP Packet Header
IP Type: TCP(0x6), Src=[217.XX.XX.30], Dst=[194.XX.XX.66]
TCP Packet Header
TCP Flags = [SYN,], Src=[59454], Dst=[443], Checksum=0x4ca0
Answers
Update: I changed the Destination of the access rule and the Original Destination of the NAT policy from X1 IP to the object access of the public IP that we and this time the logs show no drop, but I am still unable to access the website:
*Packet number: 158*
Header Values:
Bytes captured: 66, Actual Bytes on the wire: 66
Packet Info(Time:09/01/2021 13:55:37.768):
in:X1*(interface), out:--, Consumed, Module Id:20, 1:2) VPN policy: AWS Tunnel New#1
Ethernet Header
Ether Type: IP(0x800), Src=[00:08:e3:ff:fc:14], Dst=[2e:b8:ed:2f:0c:01]
IP Packet Header
IP Type: TCP(0x6), Src=[217.XX.XX.30], Dst=[194.XX.XX.66]
TCP Packet Header
TCP Flags = [SYN,], Src=[63145], Dst=[80], Checksum=0x4073
Application Header
HTTP
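As an added example (not part of the original posts and not SonicWall code), the following Python parses the packet-monitor text layout quoted in this thread so that captures taken before and after a rule change can be compared on status, drop code, VPN policy and destination port. The function names are hypothetical and the sample is the two quoted records trimmed to the lines the parser reads.

```python
import re
# Two records in the layout quoted in this thread, trimmed to the parsed lines.
SAMPLE = """\
*Packet number: 759*
in:X1*(interface), out:--, DROPPED, Drop Code: 734(Packet dropped - drop bounce same link pkt), Module Id: 25(network), 1:2)
IP Type: TCP(0x6), Src=[217.XX.XX.30], Dst=[194.XX.XX.66]
TCP Flags = [SYN,], Src=[59454], Dst=[443], Checksum=0x4ca0
*Packet number: 158*
in:X1*(interface), out:--, Consumed, Module Id:20, 1:2) VPN policy: AWS Tunnel New#1
IP Type: TCP(0x6), Src=[217.XX.XX.30], Dst=[194.XX.XX.66]
TCP Flags = [SYN,], Src=[63145], Dst=[80], Checksum=0x4073
"""

FIELDS = {
    "status": r"\bout:[^,]+,\s*(\w+)",           # DROPPED / Consumed / ...
    "drop": r"Drop Code:\s*(\d+\([^)]*\))",      # code plus its text reason
    "vpn_policy": r"VPN policy:\s*(.+)$",
    "dst_ip": r"^IP Type:.*Dst=\[([^\]]+)\]",
    "dst_port": r"^TCP Flags.*Dst=\[(\d+)\]",
}

def parse_packets(text):
    """Return one dict per '*Packet number: N*' record."""
    packets = []
    for line in map(str.strip, text.splitlines()):
        start = re.match(r"\*Packet number:\s*(\d+)\*", line)
        if start:
            packets.append({"number": int(start.group(1))})
        elif packets:
            for name, pattern in FIELDS.items():
                hit = re.search(pattern, line)
                if hit:
                    packets[-1].setdefault(name, hit.group(1).strip())
    return packets

def compare(packets, expected_port):
    """Summarise each packet and mark those not addressed to the port under test."""
    rows = []
    for p in packets:
        row = f"#{p['number']} {p.get('status', '?')} dst={p.get('dst_ip')}:{p.get('dst_port')}"
        if "drop" in p:
            row += f" drop={p['drop']}"
        if "vpn_policy" in p:
            row += f" vpn={p['vpn_policy']}"
        if p.get("dst_port") != str(expected_port):
            row += f" [not port {expected_port}]"
        rows.append(row)
    return rows
```

Calling `compare(parse_packets(SAMPLE), 443)` returns one summary line per packet, with packets for a different destination port marked.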