Welcome, Guest. Please login or register.
Did you miss your activation email?
Thursday 28 November 2024, 09:43:56 am

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  Installation Support
| | |-+  Snat and nat
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Snat and nat  (Read 9868 times)
macgvr
Jr. Member
*
Offline Offline

Posts: 1


« on: Wednesday 15 April 2015, 04:25:52 am »

I am trying to test the Endian FW to see if it will do what I need it to do. I am trying to setup NAT and SNAT using secondary ip addresses. Here is the issue I have. I have been assigned two addresses for the gateway and my firewall. Let say they are 60.1.0.1 and 60.1.0.2/30. I have been assigned static ip addresses, lets say those are 60.1.2.1/29 . On other firewalls I have used Proxy arp or virtual ip addresses but with Endian it appears that I have to assign those secondary ip addresses under Network and Interfaces. Then I can create the NAT entries and use those addresses in the configuration.

I have tried to do that but it doesn't work. I think if the addresses were all in the same sub net it would be fine. Now, the way I am testing may be why I am failing to get this to work. I have a nasty feeling that because I am trying this in a test network that I don't have the proper routing setup to make the NAT setup work.

Here is what I actually have in my test network.
Internet box - 192.168.2.2 <-> 192.168.2.8 - EndianFW - 192.168.0.2 - internal network 
                                            |_ 192.168.2.39 - test computer

I added a secondary ip of 192.168.3.1 and then setup a nat pointing that address to an internal computer with ip of 192.168.0.100. It simply won't work.  If I create a nat that uses 192.168.2.8 pointed to 192.168.0.100 it works just fine.

I have connected a test computer(192.168.2.39) in between the Internet box and the EndianFW to test the NAT. I also created a NAT in the Internet box and pointed it to 192.168.3.1 and tested from outside our network but it also failed.

I checked the arp table on the test computer after pinging the 192.168.3.1 address and it doesn't show up in the arp list. The 192.168.2.8 does show up. That concerns me and makes me think this isn't going to work.

Any ideas? Am I crazy and should I simply connect this to our live network and try it there?
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.094 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com