Hi all,

I am trying to setup a NetStorage server in our DMZ. I have read through all of the TIDs and Forum resources that came up in my searches for "NetStorage DMZ" and also searched Google and have come up with the following rules. I still can't get NetStorage to work.

Here is the overview:

* The server is SLES 10 SP3 and is a member of the production tree (internal network), it has NetStorage and iManager installed but not eDir.

* I can login to NetStorage but it takes a long time.

* Initial folders are shown but if you try to access anything under them you get the message "NetStorage encountered an error while trying to access this location."

* I cannot login to iManager, I get the error message "(Error -626) The object could not be found. It is possible that the object exists, but the server could not communicate with the server holding a copy of the object."

* I can login to Remote Manager.

Here are the rules in my firewall:

POLICY Source Destination Proto Dest Port SrcPort
#ACCEPT loc: dmz: tcp 524 1024:65535
#DNAT dmz: loc: tcp 524 1024:65535
#ACCEPT loc: dmz: udp 524 1024:65535
#DNAT dmz: loc: udp 524 1024:65535
#ACCEPT loc: dmz: udp 123
#DNAT dmz: loc: udp 123
#ACCEPT loc: dmz: tcp 427
#DNAT dmz: loc: tcp 427
#ACCEPT loc: dmz: udp 427
#DNAT dmz: loc: udp 427
#ACCEPT loc: dmz: tcp 2302 1024:65535
#DNAT dmz: loc: tcp 2302 1024:65535
#ACCEPT loc: dmz: udp 2645
#DNAT dmz: loc: udp 2645
#ACCEPT loc: dmz: tcp 636
#DNAT dmz: loc: tcp 636
#ACCEPT loc: dmz: tcp 389
#DNAT dmz: loc: tcp 389
#ACCEPT loc: dmz: tcp 137
#DNAT dmz: loc: tcp 137
#ACCEPT loc: dmz: udp 137
#DNAT dmz: loc: udp 137
#ACCEPT loc: dmz: tcp 138
#DNAT dmz: loc: tcp 138
#ACCEPT loc: dmz: udp 138
#DNAT dmz: loc: udp 138
#ACCEPT loc: dmz: tcp 139
#DNAT dmz: loc: tcp 139
#ACCEPT loc: dmz: udp 139
#DNAT dmz: loc: udp 139
#DNAT dmz: loc: tcp 22
#ACCEPT loc: dmz: tcp 51080
#DNAT dmz: loc: tcp 51080
#ACCEPT loc: dmz: tcp 51443
#DNAT dmz: loc: tcp 51443
#ACCEPT loc: dmz: tcp 6901
#DNAT dmz: loc: tcp 6901
#ACCEPT loc: dmz: udp 6901
#DNAT dmz: loc: udp 6901

Have any of you been able to get NetStorage to work in a DMZ? Is there some magic port I don't have open yet? I have read about using iChain or Access Manager but I don't have either of those products and can't afford to get them.

Any help I could get would be great! :)