Hello,
I have a case that I cannot solve, or more precisely, I do not understand how it should happen ..
On the network I have there is a server with an application to which the global IP connection is made through the Cloudflare system. Let’s say in the case that the port to which should be allowed is 8000. The global IP address of the server is entered in the Cloudflare system. As a result, the server ip goes through the cloudflare proxy. (cloudflareip → server global ip) - cloudflareip: 8000 lead to serverglobalip: 8000
As a rule, I have put in NAT:
dst-nat / dst-address: cloudflareip1 / protocol: tcp / dst-port: 8000 / to-addresses: 192.168.1.100 (local ip on server)
dst-nat / dst-address: cloudflareip2 / protocol: tcp / dst-port: 8000 / to-addresses: 192.168.1.100 (local ip on server)
masquerade: src-nat / src-address: 192.168.1.0/24 / protocol: tcp / dst-port: 8000
The result is that there is a connection from the LAN to this port and through the proxy ip address of cloudflare, but no connection from foreign networks outside the LAN.
I am not aware of this whole thing and for the first time I have to configure it this way.
Ask for assistance..
Thanks!