Hi gang.
I'm trying to replace our primary firewall with IPCop and am running into problems.
We have a range of external IP addresses, most of which are currently used for one or
more services. I've configured the aliases on the external network card (the red
zone), but they don't seem to be responding to traffic. If I ping the main IP
(64.42.255.217), I get responses. But if I ping one of the aliased IPs, I get no
response. This is also preventing name resolution as our primary and secondary DNS
servers are on two of the aliased IPs.
I'm looking for ideas how to get this working. Of course, I can turn off the new
firewall, and reconnect the old one, so I'm not at a "network outage" type of
situation.
I've attached a snippet from ifconfig output on IPCop's information page below. Maybe
it'll help identify the problem? I have configured IPCop to forward port 53 (both tcp
and udp) to our DNS servers and have tried using the default IP on the external NIC,
as well as the aliased IPs (our DNS servers are 64.42.255.209 and 210). It seems
names are not getting resolved against these servers. I think this is the BIG
stumbling block for me - once I get past this, I should be able to get the other
services working.
Oh, I have also enabled external access to the services in question, but maybe have
done this wrong? Do I need to allow access for each port on the default IP AND the
aliased IP?
Any tips are appreciated.
Shawn
----- ifconfig -----
eth0 Link encap:Ethernet HWaddr 00:50:BF:A3:16:06
inet addr:192.168.7.1 Bcast:192.168.7.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:21843 errors:0 dropped:0 overruns:0 frame:0
TX packets:23823 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4079426 (3.8 Mb) TX bytes:4342247 (4.1 Mb)
Interrupt:12 Base address:0x6100
eth1 Link encap:Ethernet HWaddr 00:50:BA:49:15:27
inet addr:64.42.255.217 Bcast:64.42.255.223 Mask:255.255.255.240
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:17654 errors:31 dropped:0 overruns:0 frame:0
TX packets:18149 errors:0 dropped:0 overruns:0 carrier:0
collisions:244 txqueuelen:1000
RX bytes:2392775 (2.2 Mb) TX bytes:3794953 (3.6 Mb)
Interrupt:5 Base address:0xb000
eth1:0 Link encap:Ethernet HWaddr 00:50:BA:49:15:27
inet addr:64.42.255.209 Bcast:64.42.255.223 Mask:255.255.255.240
UP BROADCAST RUNNING MTU:1500 Metric:1
Interrupt:5 Base address:0xb000
eth1:1 Link encap:Ethernet HWaddr 00:50:BA:49:15:27
inet addr:64.42.255.210 Bcast:64.42.255.223 Mask:255.255.255.240
UP BROADCAST RUNNING MTU:1500 Metric:1
Interrupt:5 Base address:0xb000
eth1:2 Link encap:Ethernet HWaddr 00:50:BA:49:15:27
inet addr:64.42.255.212 Bcast:64.42.255.223 Mask:255.255.255.240
UP BROADCAST RUNNING MTU:1500 Metric:1
Interrupt:5 Base address:0xb000
eth1:3 Link encap:Ethernet HWaddr 00:50:BA:49:15:27
inet addr:64.42.255.213 Bcast:64.42.255.223 Mask:255.255.255.240
UP BROADCAST RUNNING MTU:1500 Metric:1
Interrupt:5 Base address:0xb000
eth1:4 Link encap:Ethernet HWaddr 00:50:BA:49:15:27
inet addr:64.42.255.214 Bcast:64.42.255.223 Mask:255.255.255.240
UP BROADCAST RUNNING MTU:1500 Metric:1
Interrupt:5 Base address:0xb000
eth1:5 Link encap:Ethernet HWaddr 00:50:BA:49:15:27
inet addr:64.42.255.215 Bcast:64.42.255.223 Mask:255.255.255.240
UP BROADCAST RUNNING MTU:1500 Metric:1
Interrupt:5 Base address:0xb000
_______________________________________________
clug-talk mailing list
[EMAIL PROTECTED]
http://clug.ca/mailman/listinfo/clug-talk_clug.ca
