Posts: 6191
Threads: 124
Joined: November 13, 2009
Reputation:
70
RE: Home network configuration problem
January 20, 2014 at 1:55 pm
The fault is in your firewall settings.
The source network is pretty clear - why not pass traffic through the firewall to the SFTP server?
Slave to the Patriarchy no more
Posts: 2887
Threads: 132
Joined: May 8, 2011
Reputation:
31
RE: Home network configuration problem
January 20, 2014 at 2:05 pm
That's what I want to do. The servers are in a dmz. I can see the mail/web server. I may be going all the way out then looking back in when I see it though?
Save a life. Adopt a greyhound.
Posts: 6191
Threads: 124
Joined: November 13, 2009
Reputation:
70
RE: Home network configuration problem
January 21, 2014 at 1:19 am
What you haven't illustrated is the outbound connection to the Internet - I assume that the web/mail server is indeed exposed to the outside.
It could be that the firewall rule that allows inbound traffic to the Web server supersedes the rule that would allow your internal traffic to the SFTP server.
In the firewall software I have dealt with, rules are evaluated linearly until a match is found. A mistake in ordering for your outbound and inbound traffic rules could be causing the issue.
If you have an internal IP address assigned to the web/mail server and an external IP address, then accessing it will indicate if you're coming in from the outside or inside.
As you're using a third-party solution, I have little expertise in the matter. My domain of knowledge is with IPF and PF rulesets, which can be tested individually and composed together.
Slave to the Patriarchy no more
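The rule-ordering problem described in the post above, as an added example that is not part of the thread or any participant's configuration: a small first-match evaluator plus a check for rules shadowed by an earlier, broader rule. The addresses, rule set and function names are constructed for illustration, and it assumes the first-match semantics the post describes.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str          # "pass" or "block"
    src: str             # source network (CIDR)
    dst: str             # destination network (CIDR)
    port: Optional[int]  # None matches any port

def net(cidr):
    return ipaddress.ip_network(cidr)

def matches(rule, src, dst, port):
    return (ipaddress.ip_address(src) in net(rule.src)
            and ipaddress.ip_address(dst) in net(rule.dst)
            and rule.port in (None, port))

def first_match(rules, src, dst, port, default="block"):
    """Return (index, action) of the first matching rule, else (None, default)."""
    for i, rule in enumerate(rules):
        if matches(rule, src, dst, port):
            return i, rule.action
    return None, default

def shadowed(rules):
    """Pairs (later, earlier): the earlier rule covers everything the later one
    matches and has a different action, so the later rule can never take effect."""
    out = []
    for j, later in enumerate(rules):
        for i, earlier in enumerate(rules[:j]):
            if (net(later.src).subnet_of(net(earlier.src))
                    and net(later.dst).subnet_of(net(earlier.dst))
                    and earlier.port in (None, later.port)
                    and earlier.action != later.action):
                out.append((j, i))
                break
    return out

# Constructed sample networks and hosts (not taken from the thread).
ANY, LAN, DMZ = "0.0.0.0/0", "192.168.1.0/24", "10.0.0.0/24"
WEB, SFTP = "10.0.0.10", "10.0.0.20"
BROKEN = [Rule("pass", ANY, WEB + "/32", 80),    # inbound web
          Rule("block", ANY, DMZ, None),         # protect the rest of the DMZ
          Rule("pass", LAN, SFTP + "/32", 22)]   # internal SFTP: never reached
FIXED = [BROKEN[0], BROKEN[2], BROKEN[1]]        # specific pass before broad block

if __name__ == "__main__":
    for name, rules in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, first_match(rules, "192.168.1.50", SFTP, 22), shadowed(rules))
```

Running a check like `shadowed` against an exported ruleset before deploying it catches this class of mistake without sending any traffic.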
Posts: 19660
Threads: 177
Joined: July 31, 2012
Reputation:
91
RE: Home network configuration problem
January 21, 2014 at 4:45 am
Wow, so many power vampires!
Why don't you connect the mail NAS servers to the switch where you have the media server?
Posts: 1353
Threads: 44
Joined: April 21, 2013
Reputation:
18
RE: Home network configuration problem
January 21, 2014 at 5:04 am
(This post was last modified: January 21, 2014 at 5:09 am by Dragonetti.)
Does your firewall perform routing?
Does your firewall have rules to allow SFTP access for internal and external networks?
Does your managed switch have layer three functions?
I am used to Cisco gear; I would move everything to the managed switch and use VLANs to set up a DMZ, and allow the switch or router to route between devices. Use ACLs for access to the internal network and firewall for external dynamic entry.
I would also use EIGRP for IGP, and a default route for external.
Imagination will often carry us to worlds that never were. But without it we go nowhere. - Carl Sagan
Professional Watcher of The Daily Show and The Colbert Report!