Title: RED interface with 2 public ips in different subnets
Post by: dmusi on Tuesday 04 September 2012, 08:51:22 am

Hi all,
I received from the ISP 2 IPs assigned to the cable modem:

Ip1: 190.x.x.x
Ip2: 186.x.x.x
netmask 255.255.255.240
default 190.x.x.x

I configured the RED with the 190 and the extra in the more IPs, then I configured the GREEN with 192.168.1.x, the BLUE with 192.168.2.x and the ORANGE with 192.168.3.x.

The problem is when I want to configure the Ip2 public to the ORANGE servers, so I configured the DNAT and SNAT like in the tutorials but still can't reach the ORANGE subnet. I can not see packets reaching the ORANGE network...

Can anyone give me a hand?

Thanks,
Daniel

Title: Re: RED interface with 2 public ips in different subnets
Post by: fqureshi on Tuesday 04 September 2012, 08:54:30 am

Have you created a rule for incoming routed traffic? Otherwise your firewall will drop all the packets coming in on the RED interface if you do not have an incoming routed traffic rule.

Title: Re: RED interface with 2 public ips in different subnets
Post by: dmusi on Tuesday 04 September 2012, 09:05:41 am

Hi fqureshi, thanks for the reply.
Yes, I did try the incoming:

source 186.x.x.x/24 destination ORANGE any allow

Is this OK?

Then I have the SNAT:

source 192.168.3.0/24 destination RED NAT to 186.x.x.x

and I also have port forwarding of the incoming 186.x.x.x port 80 to 192.168.3.250:80, allow.

Any idea? Maybe because the 186.x.x.x does not have a valid default gateway??

Title: Re: RED interface with 2 public ips in different subnets
Post by: fqureshi on Tuesday 04 September 2012, 09:12:30 am

Your scenario is a bit complex, I think. You should first try whether your live IPs are working (routed through the ISP).
You might have to remove the source NAT as you are already using port forwarding. In my case I am not using SNAT rules. I have just defined the incoming routed traffic rule, which is:

Source: ANY
Destination: MY LIVE IPs
SERVICE: ANY
POLICY: ALLOW

Similarly, one more rule in the incoming routed traffic:

SOURCE: MY LIVE IPs
DESTINATION: RED
SERVICE: ANY
POLICY: ALLOW

According to the rules you have created, the one below is correct, as you have asked:

source 186.x.x.x/24 destination ORANGE any allow

Title: Re: RED interface with 2 public ips in different subnets
Post by: dmusi on Saturday 15 September 2012, 07:07:03 am

Looks like I got the problem,
the ISP provider reserved 2 public IPs to the RED MAC of the Endian, and they will be assigned with the DHCP request.

First question: does Endian have the ability to retrieve more than 1 IP from a DHCPREQUEST??

Starting from there :)

Cheers,
Daniel