Shawn, is this resolved? I use multiple IPs on our IPcop firewall, and it's working very well. Personally, I'd recommend looking at 1.4b9. The 1.4 version has ALOT of benefits over 1.3, but I'm doing it with 1.3 now, so either should be fine.
The only thing I can think of is that when you port forward to the DNS servers, you're leaving the IP as the default, rather than selecting one of the aliases. Kev. On Saturday 14 August 2004 20:29, Shawn Grover wrote: > Hi gang. > > I'm trying to replace our primary firewall with IPCop and am running into > problems. > > We have a range of external IP addresses, most of which are currently used > for one or more services. I've configured the aliases on the external > network card (the red zone), but they don't seem to be responding to > traffic. If I ping the main IP (64.42.255.217), I get responses. But if I > ping one of the aliased IPs, I get no response. This is also preventing > name resolution as our primary and secondary DNS servers are on two of the > aliased IPs. > > I'm looking for ideas how to get this working. Of course, I can turn off > the new firewall, and reconnect the old one, so I'm not at a "network > outage" type of situation. > > I've attached a snippet from ifconfig output on IPCop's information page > below. Maybe it'll help identify the problem? I have configured IPCop to > forward port 53 (both tcp and udp) to our DNS servers and have tried using > the default IP on the external NIC, as well as the aliased IPs (our DNS > servers are 64.42.255.209 and 210). It seems names are not getting > resolved against these servers. I think this is the BIG stumbling block > for me - once I get past this, I should be able to get the other services > working. > > Oh, I have also enabled external access to the services in question, but > maybe have done this wrong? Do I need to allow access for each port on the > default IP AND the aliased IP? > > Any tips are appreciated. > > Shawn > > ----- ifconfig ----- > eth0 Link encap:Ethernet HWaddr 00:50:BF:A3:16:06 > inet addr:192.168.7.1 Bcast:192.168.7.255 Mask:255.255.255.0 > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:21843 errors:0 dropped:0 overruns:0 frame:0 > TX packets:23823 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:4079426 (3.8 Mb) TX bytes:4342247 (4.1 Mb) > Interrupt:12 Base address:0x6100 > > eth1 Link encap:Ethernet HWaddr 00:50:BA:49:15:27 > inet addr:64.42.255.217 Bcast:64.42.255.223 > Mask:255.255.255.240 UP BROADCAST RUNNING MTU:1500 Metric:1 > RX packets:17654 errors:31 dropped:0 overruns:0 frame:0 > TX packets:18149 errors:0 dropped:0 overruns:0 carrier:0 > collisions:244 txqueuelen:1000 > RX bytes:2392775 (2.2 Mb) TX bytes:3794953 (3.6 Mb) > Interrupt:5 Base address:0xb000 > > eth1:0 Link encap:Ethernet HWaddr 00:50:BA:49:15:27 > inet addr:64.42.255.209 Bcast:64.42.255.223 > Mask:255.255.255.240 UP BROADCAST RUNNING MTU:1500 Metric:1 > Interrupt:5 Base address:0xb000 > > eth1:1 Link encap:Ethernet HWaddr 00:50:BA:49:15:27 > inet addr:64.42.255.210 Bcast:64.42.255.223 > Mask:255.255.255.240 UP BROADCAST RUNNING MTU:1500 Metric:1 > Interrupt:5 Base address:0xb000 > > eth1:2 Link encap:Ethernet HWaddr 00:50:BA:49:15:27 > inet addr:64.42.255.212 Bcast:64.42.255.223 > Mask:255.255.255.240 UP BROADCAST RUNNING MTU:1500 Metric:1 > Interrupt:5 Base address:0xb000 > > eth1:3 Link encap:Ethernet HWaddr 00:50:BA:49:15:27 > inet addr:64.42.255.213 Bcast:64.42.255.223 > Mask:255.255.255.240 UP BROADCAST RUNNING MTU:1500 Metric:1 > Interrupt:5 Base address:0xb000 > > eth1:4 Link encap:Ethernet HWaddr 00:50:BA:49:15:27 > inet addr:64.42.255.214 Bcast:64.42.255.223 > Mask:255.255.255.240 UP BROADCAST RUNNING MTU:1500 Metric:1 > Interrupt:5 Base address:0xb000 > > eth1:5 Link encap:Ethernet HWaddr 00:50:BA:49:15:27 > inet addr:64.42.255.215 Bcast:64.42.255.223 > Mask:255.255.255.240 UP BROADCAST RUNNING MTU:1500 Metric:1 > Interrupt:5 Base address:0xb000 > > _______________________________________________ > clug-talk mailing list > [EMAIL PROTECTED] > http://clug.ca/mailman/listinfo/clug-talk_clug.ca _______________________________________________ clug-talk mailing list [EMAIL PROTECTED] http://clug.ca/mailman/listinfo/clug-talk_clug.ca
