RE: [m0n0wall] Problems using multiple IP addresses on m0n0wall

From:	"James W. McKeand" <james at mckeand dot biz>
To:	"'Monowall \(E-mail\)'" <m0n0wall at lists dot m0n0 dot ch>
Subject:	RE: [m0n0wall] Problems using multiple IP addresses on m0n0wall
Date:	Wed, 9 Feb 2005 14:19:57 -0500

Travis Zadikem wrote:
> Can someone please tell me why m0n0wall 1.11 is having problems with
> my multiple IP addresses?
> I have DNS setup with 2 IP address (64.207.38.4 and 64.207.38.2)  My
> main WAN IP address on our firewall
> is 64.207.38.2
> In the aliases on the firewall I have the following:
> mail  64.207.38.4  Mail1
> web  64.207.38.2   Mail2
> 
> My NAT has the following:
> 
> WAN  TCP  25 (SMTP)  192.168.1.160
> (ext.: 64.207.38.4)  25 (SMTP)  SMTP to Mail2
> WAN  TCP  25 (SMTP)  192.168.1.55  25 (SMTP)
> WAN  TCP  80 (HTTP)  192.168.1.160  80 (HTTP)
> WAN  TCP  110 (POP3)  192.168.1.55  110 (POP3)
> WAN  TCP  443 (HTTPS)  192.168.1.160  443 (HTTPS)  Webmail on new
mail
> server
> WAN  TCP/UDP  143 (IMAP)  192.168.1.55  143 (IMAP)
> 
> Externally I can telnet to port 25 of 64.207.38.2 and it works just
> fine.  I can
> not telnet to port 25 of 64.207.38.4 or port 110 or port 143 but I
> can from inside the firewall.  What appears to be the problem??

Add 64.207.38.4 on the Server NAT page. Depending on your WAN setup
you also may need Proxy ARP. Then when you create your inbound NATs
you will be able to select the "interface address" or Server NAT IP as
the "External Address".

Aliases are shortcuts for NAT and firewall creation. Anywhere you see
a blue field you can use an alias instead of an IP address. If you
need to change the private IP of a machine, just edit the alias, not
all of the rules pertaining to that IP.

_________________________________
James W. McKeand