 
 From:  <spamcop at ok dot ru>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Multiple IP on WAN connection problem.
 Date:  Sat, 21 Jan 2006 17:11:24 +0300
Our ISP has allocated us the 111.111.111.65/28 static address space.
We use the following scheme:

111.111.111.65 - ISP router

172.16.1.253/24 - LAN
111.111.111.67/28 - WAN
192.168.3.253/24 - DMZ
192.168.4.253/24 - LAN2

192.168.3.4 - our mail server placed in DMZ

What we set:
Firewall: NAT: Server NAT: 
111.111.111.72

Firewall: NAT Inbound: 
If -> WAN, Proto -> TCP, Ext. port range -> 25 (SMTP), 
NAT IP -> 192.168.3.4 (ext.: 111.111.111.72),
Int. port range -> 25 (SMTP)

Services: Proxy ARP:
Interface -> WAN, Network -> 111.111.111.72

Firewall: Rules: WAN:
pass Proto -> TCP, Source -> any, Port -> any, 
Destination -> 192.168.3.4, Port -> 25 (SMTP)

Firewall: Rules: LAN:
pass Proto -> any, Source -> LAN net, Port -> any, 
Destination -> any, Port -> any

Firewall: Rules: DMZ:
pass Proto -> any, Source -> any, Port -> any, 
Destination -> any, Port -> any

$ telnet 111.111.111.72 25
Trying 111.111.111.72...
telnet: connect to address 111.111.111.72: Connection refused

Diagnostics: Logs: Firewall:
Act: accept, Time: 16:39:00.692952, If: WAN, 
Source: 85.21.108.189, port 2305, 
Destination: 192.168.3.4, port 25, Proto: TCP

$ netstat -nr
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            111.111.111.65     UGSc        3        0    sk0
127.0.0.1          127.0.0.1          UH          0        0    lo0
172.16.1/24        link#1             UC          0        0    rl0
192.168.3          link#3             UC          2        0   fxp0
192.168.3.4        xx:xx:xx:xx:xx:xx  UHLW        0        6   fxp0   1004
192.168.3.253      xx:xx:xx:xx:xx:xx  UHLW        0        0    lo0
111.111.111.64/28  link#2             UC          1        0    sk0
111.111.111.65     xx:xx:xx:xx:xx:xx  UHLW        4        0    sk0    938

$ ifconfig
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	options=40<POLLING>
	inet 172.16.1.253 netmask 0xffffff00 broadcast 172.16.1.255
	ether xx:xx:xx:xx:xx:xx
	media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
sk0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	inet 111.111.111.67 netmask 0xfffffff0 broadcast 111.111.111.79
	ether xx:xx:xx:xx:xx:xx
	media: Ethernet autoselect (100baseTX <full-duplex,flag0,flag1>)
	status: active
fxp0: flags=9843<UP,BROADCAST,RUNNING,SIMPLEX,LINK0,MULTICAST> mtu 1500
	options=40<POLLING>
	inet 192.168.3.253 netmask 0xffffff00 broadcast 192.168.3.255
	ether xx:xx:xx:xx:xx:xx
	media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
sk1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
	ether xx:xx:xx:xx:xx:xx
	media: Ethernet autoselect (1000baseTX <half-duplex>)
	status: no carrier
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
	inet 127.0.0.1 netmask 0xff000000

Can someone please help? What's wrong?

Thanks.

Alexander,