[ previous ] [ next ] [ threads ]
 From:  "Donnie Crump" <info at agarin dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Is my Proxy ARP working?
 Date:  Mon, 1 Aug 2005 17:06:27 -0400
If I reset the ip addresses in my IPSs router by using a test piece of
hardware and then plug that IP into the Proxy ARP screen it seems that Proxy
ARP is not updating my ISPs router cache to tell it to use that new piece of
hardware for that IP/MAC.

-----Original Message-----
From: James McKeand [mailto:james at mckeand dot biz] 
Sent: Monday, August 01, 2005 5:01 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Is my Proxy ARP working?

Donnie Crump wrote:
> I can't seem to get this to work.
> Here is my setup.
> Publics:
>             Proxy IPs:
> Gateway:
> I talked to my ISP and they said I have to ARP out any IP address I
> want to use with a piece of hardware.
> I plugged in the other static IPs under the Server NAT and under the
> Proxy ARP screens.
> Do I need to add a rule under the firewall for Proxy ARP? If so what
> should it look like?
> Do I need to enable Proxy ARP anywhere? Or is it on by default? If so
> where is the setting?
> Thanks,
> Donnie

By adding the IPs to Server NAT, you can now add Inbound NAT and
corresponding Firewall rules. You will note that now when you go to add
a Inbound NAT you can select these additional IP in the "External
Address" field of Inbound NAT rules (NAT SMTP addressed to .145 to some
private IP - for example). This will also allow you to create multiple
rules for the same protocol to different internal servers with different
external IPs (HTTP to .145, .151, and .152). I don't think you have to
add specific firewall rules for Proxy ARP.

Did the ISP mention how long the TTL was on their ARP Cache? This could
cause delay in functionality...

James W. McKeand

To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch