 From:  Michael Brown <knightmb at knightmb dot dyndns dot org>
 To:  m0n0wall <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Inbound NAT Port for WAN being spread across too many IP address instead
 Date:  Mon, 16 Jul 2007 12:40:20 -0500
Hi All,
I've run into a bit of a strange issue, I hope someone can shed some 
light on this.

I've been using m0n0wall for years (same machine) without any issues. 
Just recently, I switched the company ISP over and this new ISP gave us 
the same amount of static IPs as the old one. The only difference was 
they were obviously different static IPs, but through the magic of DNS, 
everything is good to go with websites and such. The only issue I've run 
into, I have a few inbound NAT mappings, a few for TightVNC on port 5800 
and 5900. What is strange, these inbound mappings are showing up across 
all of the static IPs. Before, it just used the IP address of m0n0wall 
WAN. I used ARP to map the other static IPs to servers for only certain 
ports (web, mail, ftp, etc.). Everything still works, it's just my 
"general" NAT inbound is bleeding over to all the static IPs, including 
one that isn't being used for any particular server yet. I've tried removing 
them, put them back in, restart m0n0wall, etc. No luck for some reason. 
I can't see this as being an issue before because I could do a port scan 
and only the ports on my m0n0wall WAN would show the open ports. The 
other IPs would only show HTTP or SMTP, depending on what I had set up.

All in all, the only thing that has changed is the WAN address for 
m0n0wall, DNS servers for m0n0wall, and the ARP entries for the new 
static IPs. Everything else has remained the same.

Any info or idea would be greatly appreciated.