> I keep getting these messages in my system log and my client PCs can't
> connect to the application on the "wan" side of the firewall.
>
> /kernel: arp: 192.168.103.23 moved from 00:00:0c:07:ac:06 to
> 00:0d:28:13:53:f7 on sis1
>
> My monowall is setup very simple. No rules for inbound, standard config
> on NAT, no traffic shaping, no proxy arp setup. I do have a large
> network on the LAN side 192.168.0.0 /16. I have searched the archives
> but no luck.

I seriously doubt if this is a proxy ARP issue. And I'd be surprised if this is related to your problem at all.

You see messages like these when an IP changes from one NIC to another (hence the MAC change). If this were a WAN interface giving the messages, I'd say it was your ISP's router failing over to another NIC (I've seen poorly configured failover on Cisco gear hop interfaces, and hence MAC addresses repeatedly and generate messages such as this). In this instance, that particular IP is being assigned to a different network card prior to it timing out in m0n0's ARP cache (FreeBSD standard timeout is 5 minutes, IIRC, I'd assume m0n0 is the same). Or somebody is spoofing MAC addresses. This is an internal network issue, and definitely something I'd investigate as this is a sure indicator of something weird going on on your LAN, but on to your problem.

By "application on the 'wan' side of the firewall", what exactly do you mean? Possibly this: http://m0n0.ch/wall/docbook/faq-lannat.html ?

Regards,
Chris

This electronic transmission is intended for the addressee or entity indicated above. It may contain information that is privileged, confidential, or otherwise protected from disclosure. Any review, dissemination or use of this transmission or its contents by persons other than the addressee is prohibited. If you have received this transmission in error, we respectfully request that you notify us immediately and erase all copies of this transmission. Thank You.
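An added example, not part of the original message: a small triage script for the "arp: ... moved from ... to ..." kernel messages discussed above. It groups events per interface and IP, flags addresses that bounce back to a MAC that held them before (two devices contending for one IP, as with failover or spoofing), and notes Cisco HSRP version 1 virtual MACs (00:00:0c:07:ac:XX). The function name `summarize`, the log hostname and timestamps, and every sample line after the first are constructed for illustration.

```python
import re
from collections import defaultdict

# Matches the FreeBSD kernel message quoted in the thread.
ARP_MOVED = re.compile(
    r"arp: (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) moved from "
    r"(?P<old>[0-9a-f:]{17}) to (?P<new>[0-9a-f:]{17}) on (?P<iface>\w+)",
    re.IGNORECASE,
)
# HSRP version 1 virtual MACs are 00:00:0c:07:ac:XX (XX = group number).
HSRP_V1_PREFIX = "00:00:0c:07:ac:"

# Constructed sample log; only the first event's addresses come from the thread.
SAMPLE_LOG = """\
Jan 10 09:00:01 fw /kernel: arp: 192.168.103.23 moved from 00:00:0c:07:ac:06 to 00:0d:28:13:53:f7 on sis1
Jan 10 09:00:31 fw /kernel: arp: 192.168.103.23 moved from 00:0d:28:13:53:f7 to 00:00:0c:07:ac:06 on sis1
Jan 10 09:01:02 fw /kernel: arp: 192.168.103.23 moved from 00:00:0c:07:ac:06 to 00:0d:28:13:53:f7 on sis1
Jan 10 09:05:00 fw /kernel: arp: 192.168.7.40 moved from 02:00:00:aa:bb:01 to 02:00:00:aa:bb:02 on sis0
"""

def summarize(log_text):
    """Group 'moved' events per (interface, IP) and classify each address."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        m = ARP_MOVED.search(line)
        if m:
            events[(m["iface"], m["ip"])].append((m["old"].lower(), m["new"].lower()))
    report = {}
    for key, moves in events.items():
        held, flapping = set(), False
        for old, new in moves:
            held.add(old)
            # Returning to a MAC that already held the IP means contention, not a one-time move.
            flapping = flapping or new in held
            held.add(new)
        report[key] = {
            "moves": len(moves),
            "macs": sorted(held),
            "flapping": flapping,
            "hsrp_v1": any(mac.startswith(HSRP_V1_PREFIX) for mac in held),
        }
    return report

if __name__ == "__main__":
    for (iface, ip), info in summarize(SAMPLE_LOG).items():
        print(iface, ip, info)
```

A single move with no return is consistent with a replaced NIC or a reassigned address; a flapping entry is the case worth tracing to a switch port.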