Jesse Guardiani wrote:

>Kev Latimer wrote:
>
>>I'm even making an arse of replying to emails now, this really isn't a
>>good day!
>>
>>As should have said:
>>
>>Josh - I didn't set any outbound NAT entries, OPT2 itself should (I
>>think) only be seen by the m0n0 as it is purely to be an IPSEC
>>endpoint, all the LAN traffic being routed up the tunnel. That said, I
>>did exactly as you explained below and still no luck. Running 1.11 on a
>>CF card on an Epia PD1000.
>>
>>Jesse - how did you get your OPT interface to respond to pings? If I
>>can get that bit right I think I'll stand a chance of kludging the rest
>>together :)
>>
>
>Action....: Pass
>Interface.: WAN
>Protocol..: ICMP
>Source....: Any
>Source Rng: Any -> Any
>Dest......: My WAN IP Address
>Dest Rng..: Any -> Any
>
>I also have a rule allowing UDP 33435 -> 33524 to the same WAN IP. This
>allows traceroutes.
>

Is there any way at all to get an OPT interface to respond to anything on a public IP? I've tried plugging it into a couple of ADSL routers on a number of different IPs and no matter what rules I put in place (that have the desired effect when applied to the WAN interface) the firewall logs still show all these pings, traceroutes and IPSec/ESP attempts being blocked.

I think I really need a definitive answer here - can I actually have multiple public IPs using OPT interfaces on a m0n0?

I'm tearing my hair out here, I cannot see what I'm doing wrong! Help!

Kev