Hi all,

I am trying to setup a NetStorage server in our DMZ. I have read through all of the TIDs and Forum resources that came up in my searches for "NetStorage DMZ" and also searched Google and have come up with the following rules. I still can't get NetStorage to work.

Here is the overview:

* The server is SLES 10 SP3 and is a member of the production tree (internal network), it has NetStorage and iManager installed but not eDir.

* I can login to NetStorage but it takes a long time.

* Initial folders are shown but if you try to access anything under them you get the message "NetStorage encountered an error while trying to access this location."

* I cannot login to iManager, I get the error message "(Error -626) The object could not be found. It is possible that the object exists, but the server could not communicate with the server holding a copy of the object."

* I can login to Remote Manager.

Here are the rules in my firewall:

POLICY Source Destination Proto Dest Port SrcPort
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 tcp 524 1024:65535
#DNAT dmz:216.56.37.169 loc:172.20.0.21 tcp 524 1024:65535
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 udp 524 1024:65535
#DNAT dmz:216.56.37.169 loc:172.20.0.21 udp 524 1024:65535
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 udp 123
#DNAT dmz:216.56.37.169 loc:172.20.0.21 udp 123
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 tcp 427
#DNAT dmz:216.56.37.169 loc:172.20.0.21 tcp 427
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 udp 427
#DNAT dmz:216.56.37.169 loc:172.20.0.21 udp 427
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 tcp 2302 1024:65535
#DNAT dmz:216.56.37.169 loc:172.20.0.21 tcp 2302 1024:65535
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 udp 2645
#DNAT dmz:216.56.37.169 loc:172.20.0.21 udp 2645
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 tcp 636
#DNAT dmz:216.56.37.169 loc:172.20.0.21 tcp 636
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 tcp 389
#DNAT dmz:216.56.37.169 loc:172.20.0.21 tcp 389
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 tcp 137
#DNAT dmz:216.56.37.169 loc:172.20.0.21 tcp 137
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 udp 137
#DNAT dmz:216.56.37.169 loc:172.20.0.21 udp 137
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 tcp 138
#DNAT dmz:216.56.37.169 loc:172.20.0.21 tcp 138
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 udp 138
#DNAT dmz:216.56.37.169 loc:172.20.0.21 udp 138
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 tcp 139
#DNAT dmz:216.56.37.169 loc:172.20.0.21 tcp 139
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 udp 139
#DNAT dmz:216.56.37.169 loc:172.20.0.21 udp 139
#DNAT dmz:216.56.37.169 loc:172.20.0.21 tcp 22
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 tcp 51080
#DNAT dmz:216.56.37.169 loc:172.20.0.21 tcp 51080
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 tcp 51443
#DNAT dmz:216.56.37.169 loc:172.20.0.21 tcp 51443
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 tcp 6901
#DNAT dmz:216.56.37.169 loc:172.20.0.21 tcp 6901
#ACCEPT loc:172.20.0.21 dmz:216.56.37.169 udp 6901
#DNAT dmz:216.56.37.169 loc:172.20.0.21 udp 6901

Have any of you been able to get NetStorage to work in a DMZ? Is there some magic port I don't have open yet? I have read about using iChain or Access Manager but I don't have either of those products and can't afford to get them.

Any help I could get would be great! :)

Thanks,

Justin