IPfilter
connection from the extranet to the intranet

To: ipfilter@coombs.anu.edu.au
Subject: connection from the extranet to the intranet
From: freebsd@weronet.com
Date: Fri, 26 Jan 2007 10:17:36 +0100
Delivered-to: sp-com-lists@consult.net
Delivered-to: ipfilter-list@securepoint.com
Sender: owner-ipfilter@coombs.anu.edu.au
Hello IpfList.
This is my first time writing to this list. I subscribed yesterday and I
haven't received any mail since then. So this will also be a check
of whether I'm 'online' with this ipflist.

I'm from Austria, near Vienna, and I'm usually a programmer for this
company. Now I have to make a connection from the extranet
to the intranet via a gateway to run a script for a backup to
a winxp-Box sitting behind it in the priv-lan 192.168.1.0

My net looks like:

 ISP
  |
  v
 my bay_router nic 213.47.208.161
  |
  v
 www-server nic 213.47.208.162 with ipf-firewall
  |
  v
       ext_if 213.47.208.168
 Gateway with ipf-firewall
       int_if 192.168.1.1
  |
  v
 winxp-Box nic 192.168.1.91

What I tried:

1.) I shut down all ipf-firewalls and tried a ping from www-server to
    the winxp-box - was ok, and ping from winxp-box to www-server was also ok.
2.) I ran from www-server: route -n add 192.168.1.91/32 213.47.208.168
    and afterwards:
    mount_smbfs 192.168.1.91  //user@winxpname/sharedir   /usr/mountpoint
    error: Operation time out (I guess due to a missing rdr on the gateway?)
3.) I ran the same from the Gateway and it was ok, sharedir was mounted
    (syntax check).
4.) I started the ipf-firewall on the Gateway and put these rules on top:
    pass  in  quick proto tcp  from any  to any port = 445 keep state
    pass  out quick proto tcp  from any  to any port = 445 keep state
    pass  in  quick proto tcp  from any  to any port = 139 keep state
    pass  out quick proto tcp  from any  to any port = 139 keep state
    and in ipnat.conf:
    rdr ep0 0.0.0.0/0 port 445 -> 192.168.1.91 port 445
    rdr ep0 0.0.0.0/0 port 139 -> 192.168.1.91 port 139
    Then I ran again on www-server:  mount_smbfs .....  and after a short time:
    error:    Operation time out ?????

Of course I tried many other rule settings with no success, so I hope some
of you can give me a hint about what I'm doing wrong.
TIA
Ron