[ previous ] [ next ] [ threads ]
 
 From:  "James W. McKeand" <james at mckeand dot biz>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Server NAT does not work?
 Date:  Mon, 11 Apr 2005 08:50:08 -0400
Roman Kuznetsov wrote:
> Hello,
> 
> we have an official static /27-subnet and are trying to "assign"
more
> addresses to the WAN interface by defining entries in Server NAT, as
> it is stated in the docs.
> 
> Then we do Inbound NAT to map a port from that secondary IP address
> to some internal machine. This does not work: the connections do not
> get established. 
> 
> It does work, however, if we do the mapping through the promary WAN
> address. 
> 
> What's wrong?
> 
> Thank you,
> Roman.
> 
> PS. We do need more addresses on WAN as we need different machines
to
> talk to from outside using the same ports.

It may be the ARP cache on your ISPs routers - some ISPs have
unreasonably long TTLs on their ARP caches. If this is the case you
will just have to wait for the cache to expire.

Or you may also need to add the additional IPs to ARP Proxy (Services
-> Proxy ARP).

_________________________________
James W. McKeand