The final part of this series is to configure the router to enable port forwarding to the internal server. In the Vyatta documentation, this is called Destination NAT (One-to-One).
For a SBS 2003 or SBS 2008 installation, the following ports need to be forwarded to the server – 25 (SMTP), 443 (HTTPS), 4125 (RWW on SBS2003), 987 (RWW on SBS2008). Additionally, once could forward port 3389 (Remote Desktop) if direct terminal access is required.
The command sequence to set up port forwarding for a port (ie. SMTP) is as follows:
set service nat rule 10 description NAT_SMTP << give it a number and a name
set service nat rule 10 inbound-interface eth0 <<the external NIC
set service nat rule 10 destination port smtp <<can also use the port number – 25
set service nat rule 10 inside-address address 192.168.100.202 <<the IP of your internal server
set service nat rule 10 protocol tcp <<the vyatta manual incorrectly states “protocols”
set service nat rule 10 type destination
Repeat the above, changing the rule number, name, and port number/name.
That’s it. Once the router is set up, it will bridge the private network in HyperV to the external LAN, which will enable testing of the SBS environment apart from the live production network.