On 7/27/05, Matthew Lenz <[EMAIL PROTECTED]> wrote: > say I want to have multiple ip's on the wan interface so that I can forward > http/https for one public ip to a private ip behind the firewall and > smtp/imap on a different public ip to a another private ip behind the > firewall. I thought this was what the virtual ip functionality is for.
Yup, that's what it's for. > I added a virtual ip using the WAN interface (using proxy arp cuz it was the > default) and used a public ip thats available on the same subnet that the > firewall's wan ip is on So far, this sounds right. > and forwarded port 80 to the private ip of my server's port 80. Port forwarding? > ( I've got outbound nat enabled for the time being for > this private subnet and all the machines, including the server, on the > private subnet can get to the internet just fine. ) Shouldn't matter. > I checked the 'auto add > firewall rule' checkbox and clicked save. Everything looks cool but when I > attempt to access that ip on port 80 from a remote internet site I don't get > anywhere. Should have worked. It does take a second or two for rule changes to apply, but this should have worked like a charm. > Was this not the procedure I was looking for? Do I instead have to create > an 'interface' for each public ip and use the same ethernet device for each? Nope, what you did sounds right. --Bill
