|
||||||||||
> On Tue, Dec 8, 2009 at 10:47 PM, Charles Goldsmith > <wokka at justfamily dot org> wrote: > > I've been a user of m0n0 for several years, and am trying to put a > new > > install in at a colo. Soekris 5501 with 1.3 new install on a flash > > card. > > > > No problems with the basic nat/fw setup. But when I setup a few > > server NATs and proxy arp, the proxy arp doesn't seem to be > working. > > > > I have a /29 in a vlan, so the ISP isn't routing it. If I unplug > my > > WAN port on the firewall and plug into my linux laptop, I can alias > in > > all of the IP's and can ping them from remote. The m0n0 doesn't > seem > > to proxy arp my secondary IP's or the server nat's don't work, not > > totally sure, but it seems to be proxy arp. I enabled ICMP to all > > ip's and can ping the WAN address, but I cannot ping any of the > other > > IP's. > > > > Is anyone using server nats and proxy arp with 1.3 sucessfully? I > > might be able to get my ISP to route the IPs for me, but I'd rather > > not bother them with this. > > > > Any help would be appreciated. > > Charles > > > I've got systems setup in the same type of environment(subnet routed to my network/VLAN) but have not had to use proxy arp, server nat, or 1:1 nat. I simply setup the box to be a filtering bridge (Option checked in Advanced-->Enable Filtering Bridge). Then, I simply add rules to allow traffic through (with default deny rule of course). I just verified this setup is in use on 4 or 5 production systems all running 1.3b11. Maybe you're going about this the wrong way? :-) Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105 |