 From:  "Miguel Dilaj" <nekromancer at lycos dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Problem with public IP address in internal network
 Date:  Mon, 13 Feb 2006 17:21:23 -0500
Hi all,

New list member here. I tried to find an answer to my problem (even Googled for "public IP address" in
m0n0.ch!) but I was too stupid to find an answer :(

DISCLAIMER: for the purpose of my explanation, please assume 10.10.x.x networks are PUBLIC, and
192.168.y.y are private. Thanks!!

My setup is (more or less) as follows:

               Internet
                   |
                   | Real IP: 10.10.53.250
                   | ProxyARP1: 10.10.53.251
               ---------
               | m0n0  |
               ---------
                |  |  |
 PublicDMZ      |  |  |
 10.10.57.0/24 -|  |  |- private1/24
                   |      192.168.5.0/24
                   |
                  LAN
             private2/24

Both public networks, 10.10.53.0/24 and 10.10.57.0/24 are routed to me by the ISP.

The real IP and ProxyARP1 BOTH forward port 443 to 2 servers in the private1 network. Let's call
them 192.168.5.10 and 192.168.5.20.
That's working OK.

However, I've a server with a routable IP address in the PublicDMZ network (10.10.57.100), also
with port 443 open.
There is a rule allowing traffic TO 10.10.57.100:443.

However, it doesn't work, so I did some sniffing both at the server side and at the client side (the
client was my laptop on the Internet).

The client reports connecting to the CORRECT IP address in PublicDMZ (10.10.57.200), port 443, and the
server properly closing the connection.
The server never receives any packet.

When I spotted that result, I started questioning my sanity... so I investigated further, and found
that the packets addressed to the server in PublicDMZ (10.10.57.200) mysteriously go to the server
in the private1 network: 192.168.5.10 (the one "behind" the real IP of the m0n0wall). The fact that
the connection was closed was due to the nature of that server, nothing to do with the firewall.

So my question is: how is it that packets addressed to one machine end up at another machine, while the
sniffer at the client tells me that they arrived at the correct machine?????

What's wrong?

TIA!

Nekromancer

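The post does not say why the DMZ traffic is being rewritten, so the following is an added illustration rather than a diagnosis from the thread or code from m0n0wall: a small model of first-match inbound NAT evaluation, using the addresses from the post, that shows the one way such a symptom can arise that is cheapest to rule out first. Port forwards scoped to the firewall's own public addresses (10.10.53.250 and 10.10.53.251) leave a packet for 10.10.57.200:443 untouched, while a hypothetical forward whose destination is "any" (constructed here, not stated in the post) captures it and sends it to 192.168.5.10. The `overbroad_rules` check flags forwards whose destination scope covers addresses that are not the firewall's own, which is the audit a defender would run on the rule table before sniffing again.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class NatRule:
    """One inbound NAT (port-forward) rule: traffic to dst_net:dst_port is rewritten to target."""
    name: str
    dst_net: ipaddress.IPv4Network    # external destination(s) the rule matches
    dst_port: int
    target: Tuple[str, int]           # internal address and port the packet is sent to

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int

def apply_inbound_nat(rules: List[NatRule], pkt: Packet) -> Tuple[Packet, Optional[str]]:
    """First-match evaluation: the first rule whose destination network and port match
    rewrites the packet's destination; with no match the packet is routed unchanged."""
    dst = ipaddress.ip_address(pkt.dst)
    for rule in rules:
        if dst in rule.dst_net and pkt.dport == rule.dst_port:
            ip, port = rule.target
            return Packet(pkt.src, ip, port), rule.name
    return pkt, None

def overbroad_rules(rules: List[NatRule], firewall_addrs: List[str]) -> List[str]:
    """Names of rules whose destination scope includes addresses that are not the
    firewall's own public addresses (such a rule can swallow routed DMZ traffic)."""
    own = [ipaddress.ip_address(a) for a in firewall_addrs]
    flagged = []
    for rule in rules:
        covered_own = sum(1 for a in own if a in rule.dst_net)
        if rule.dst_net.num_addresses > covered_own:
            flagged.append(rule.name)
    return flagged

# Addresses from the post: real IP and ProxyARP1 on the m0n0wall, two https servers in private1.
FIREWALL_ADDRS = ["10.10.53.250", "10.10.53.251"]

# Forwards scoped to the firewall's own addresses (the intended configuration).
SCOPED_RULES = [
    NatRule("real-443", ipaddress.ip_network("10.10.53.250/32"), 443, ("192.168.5.10", 443)),
    NatRule("proxyarp1-443", ipaddress.ip_network("10.10.53.251/32"), 443, ("192.168.5.20", 443)),
]

# Hypothetical: the same forward with destination "any" (constructed for illustration,
# not taken from the post). It matches every inbound packet to port 443.
OVERBROAD_RULES = [
    NatRule("any-443-hypothetical", ipaddress.ip_network("0.0.0.0/0"), 443, ("192.168.5.10", 443)),
    NatRule("proxyarp1-443", ipaddress.ip_network("10.10.53.251/32"), 443, ("192.168.5.20", 443)),
]

# Constructed sample packets: the laptop on the Internet talking to the DMZ server and to the real IP.
DMZ_PKT = Packet("203.0.113.7", "10.10.57.200", 443)
REAL_IP_PKT = Packet("203.0.113.7", "10.10.53.250", 443)

if __name__ == "__main__":
    for label, rules in (("scoped", SCOPED_RULES), ("overbroad", OVERBROAD_RULES)):
        out, hit = apply_inbound_nat(rules, DMZ_PKT)
        print(f"{label}: {DMZ_PKT.dst}:{DMZ_PKT.dport} -> {out.dst}:{out.dport} (rule: {hit})")
        print(f"{label}: flagged rules = {overbroad_rules(rules, FIREWALL_ADDRS)}")
```

With the scoped table the DMZ packet is routed unchanged and no rule is flagged; with the over-broad table the same packet is rewritten to 192.168.5.10 and the "any" rule is reported. The client-side sniffer sees nothing unusual in either case because the rewrite happens after the packet has left the client, which is consistent with the symptom in the post.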