|
||||||||||
1.2 didn't resolve the problem, still no proxy arp. It seems my upstream isn't accepting the proxy arp. I didn't have time to wait for the arp to time out or wait on a support ticket to get them to clear (not sure if they would), so I am spoofing the mac address on the WAN interface of the previous server who had the IP addresses (it's now behind my m0n0wall). This isn't ideal, I don't like spoofing it, but it was the only thing that I found would work and allow me to get the firewall up and running. Thanks for all of the input and suggestions. Charles On Fri, Dec 11, 2009 at 10:35 AM, Charles Goldsmith <wokka at justfamily dot org> wrote: > Ok, thanks. I'll downgrade to 1.2 this weekend hopefully and test > from there and post my results. > > Charles > > On Fri, Dec 11, 2009 at 5:08 AM, Ulrik Lunddahl (PROconsult) > <ul at proconsult dot dk> wrote: >> I'm using Proxy ARP in a production environment, for two subnets from my ISP, it's running fine, but with version 1.21 >> >> I'm about to upgrade to version 1.3, but it will be in the next few weeks. When I have upgraded, I will post here. >> >> >> Med venlig hilsen, Best regards >> Ulrik Lunddahl >> >> Sales Manager - Salgschef >> PROconsult Data A/S - Rugårdsvej 15 - 5000 Odense C >> Tel: +45 63113333 - Tel dir: +45 63113341 - Mobil: +45 26363341 - Fax: +45 63113344 >> E-mail: ul at proconsult dot dk - Web site: www.proconsult.dk >> >> >> >> VSP - Infrastructure Optimization Solutions >> VSP - Business Continuity >> VTSP - VMware Infrastructure Virtualization >> vExpert - Nominated for and Awarded the vExpert award in February 2009 >> >> >> >> -----Oprindelig meddelelse----- >> Fra: Charles Goldsmith [mailto:wokka at justfamily dot org] >> Sendt: 10. december 2009 23:14 >> Til: m0n0wall at lists dot m0n0 dot ch >> Emne: [m0n0wall] Re: proxy arp problems >> >> Is anyone using Proxy Arp in a production environment on 1.3? Also, >> if so, are you using it with Server NATs or 1:1 NATs? >> >> Thanks >> Charles >> >> On Tue, Dec 8, 2009 at 10:47 PM, Charles Goldsmith <wokka at justfamily dot org> wrote: >>> I've been a user of m0n0 for several years, and am trying to put a new >>> install in at a colo. Soekris 5501 with 1.3 new install on a flash >>> card. >>> >>> No problems with the basic nat/fw setup. But when I setup a few >>> server NATs and proxy arp, the proxy arp doesn't seem to be working. >>> >>> I have a /29 in a vlan, so the ISP isn't routing it. If I unplug my >>> WAN port on the firewall and plug into my linux laptop, I can alias in >>> all of the IP's and can ping them from remote. The m0n0 doesn't seem >>> to proxy arp my secondary IP's or the server nat's don't work, not >>> totally sure, but it seems to be proxy arp. I enabled ICMP to all >>> ip's and can ping the WAN address, but I cannot ping any of the other >>> IP's. >>> >>> Is anyone using server nats and proxy arp with 1.3 sucessfully? I >>> might be able to get my ISP to route the IPs for me, but I'd rather >>> not bother them with this. >>> >>> Any help would be appreciated. >>> Charles >>> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch >> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch >> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch >> >> > |