I have re-kagiggered my ip range and netmask and re-setup my vpn and everything is working fine - with the exception of my firewall port-forwards (which I thought would be the easiest part!!)
Here are my port-forwards:
Here is my sftp port-forward configuration:
- I can successfully connect locally by sftp to the host (megabyte) or its IP address, but when I try to remotely connect the wan-side port (via the wan IP address), nothing happens (it eventually times out)
- If I try to connect to the host via the FQDN from inside my network (which used to work) it times out also.
- On the other hand, I am able to access the sftp server from inside my network by going to the WAN address like this:
sftp -p123 my.wan.ip.address
I have tried with and without NAT Loopback.
I just discovered that TWO of my port forwards (sprinklers and ted) are working here is one of them:
I am able to get to them from outside (OR INSIDE ) of my network via:
http://my.ip.address.whatever:456
and
http://my.domain.com:456
OK... I figured out that this:
iptables -t nat -A PREROUTING -i br-lan -p udp --dport 53 -j DNAT --to 10.13.0.1
iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 53 -j DNAT --to 10.13.0.1
has hosed this up. The problem is, without this, I cannot access my hosts locally by hostname.
Any suggestions?


