[ previous ] [ next ] [ threads ]
 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Multiple IPs on WAN
 Date:  Wed, 19 Oct 2005 21:00:10 -0400
On 10/19/05, Andrew M. Gehring <agehring at netze dot net> wrote:
> I installed 1.2 on a soekris 4501, and I'm trying to get a NAT to the DMZ
> working.
> I have a /28 network, but can't get any NAT configs to work on addresses
> above the "hard" ip for the WAN interface.
> example:
> is the WAN interface
> If I setup a NAT to a system on the DMZ @ 114 it works.
> If I setup a NAT to 115 (after defining it in Server NAT), it fails.
> I do have Proxy ARP for a range 114-126 defined on the WAN interface.
> I dont' see anything in the logs...

Make the rules permitting traffic through those NAT entries logging
entries, and see if you then see anything in the firewall logs.  If
not, either proxy ARP isn't setup correctly, or those IP's aren't
routed to you, or if they were previously used by other devices it's
possible an upstream device still has the old MAC addresses in its ARP