Topic: RED interface with 2 public ips in different subnets
dmusi
« on: Tuesday 04 September 2012, 08:51:22 am »

Hi all,

I received from the ISP 2 IPs assigned to the cable modem,
Ip1: 190.x.x.x
Ip2: 186.x.x.x
netmask 255.255.255.240
default 190.x.x.x

I configured the red with the 190 and the extra in the more IPs, then I configured the green with 192.168.1.x, the blue with 192.168.2.x and the orange with 192.168.3.x.

The problem is when I want to configure the Ip2 public to the orange servers, so I configured the DNAT and SNAT like in the tutorials but still can reach the orange subnet.

I cannot see packets reaching the orange network...
Can anyone give me a hand?
Thanks
Daniel
fqureshi
« Reply #1 on: Tuesday 04 September 2012, 08:54:30 am »

Have you created a rule for incoming routed traffic? Otherwise your firewall will drop all the packets coming in on the red interface if you do not have an incoming routed traffic rule.
dmusi
« Reply #2 on: Tuesday 04 September 2012, 09:05:41 am »

Hi fqureshi, thanks for the reply.

Yes I did try the incoming

source 186.x.x.x/24 destination ORANGE any allow

Is this OK?

Then I have the SNAT
source 192.168.3.0/24 destination RED NAT to 186.x.x.x

and also I have port forwarding the incoming 186.x.x.x port 80 to 192.168.3.250:80 allow


Any idea? Maybe because the 186.x.x.x does not have a valid default gateway??
fqureshi
« Reply #3 on: Tuesday 04 September 2012, 09:12:30 am »

Your scenario is a bit complex, I think. You should first check whether your live IPs are working (routed through ISP).

You might have to remove the source NAT as you are already using port forwarding. In my case I am not using SNAT rules. I have just defined the incoming routed traffic rule, which is:

Source: ANY
Destination: MY LIVE IPs
SERVICE: ANY
POLICY:ALLOW

Similarly one more rule in the incoming routed traffic:

SOURCE:MY LIVE IPs
DESTINATION:RED
SERVICE:ANY
POLICY:ALLOW

According to the rules you have created, the one below is correct, as you asked:

source 186.x.x.x/24 destination ORANGE any allow

dmusi
« Reply #4 on: Saturday 15 September 2012, 07:07:03 am »

Looks like I got the problem:
the ISP provider reserved 2 public IPs for the RED MAC of the Endian, and they will be assigned with the DHCP request.
First question: does Endian have the ability to retrieve more than 1 IP from DHCPREQUEST??

Starting from there :)

Cheers,
Daniel