Bastian Schern schrieb:
[...]
The Virtual IPs on the WAN side should be forwarded to different LAN Hosts.
I Already fixed the 1:1 NAT problem. I had to open the LAN Ports for WAN
and not the external WAN IP. ;-)
The internal Virtual IPs should be pingable. The FW should handle 3
Private LANs: 192.168.0.0/24, 192.168.3.0/24 and 192.168.101.0/24.
--- snip ---
<virtualip>
<vip>
<mode>other</mode>
<interface>lan</interface>
<descr>Private LAN</descr>
<type>single</type>
<subnet_bits>32</subnet_bits>
<subnet>192.168.3.1</subnet>
</vip>
<vip>
<mode>other</mode>
<interface>lan</interface>
<descr>AH-P LAN</descr>
<type>single</type>
<subnet_bits>32</subnet_bits>
<subnet>192.168.101.1</subnet>
</vip>
<vip>
<mode>proxyarp</mode>
<interface>wan</interface>
<descr>WAN Subnet</descr>
<type>network</type>
<subnet_bits>28</subnet_bits>
<subnet>213.xxx.xxx.64</subnet>
</vip>
</virtualip>
--- snap ---
--- snip ---
# ifconfig rl1
rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
inet6 fe80::2e0:7dff:fe98:5c60%rl1 prefixlen 64 scopeid 0x2
ether 00:e0:7d:98:5c:60
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
--- snap ---
It looks like the virtual IPs are not existing. If I try to ping e.g.
192.168.3.1 I get "Destination Host Unreachable".
But if I try to setup the virtual IP manualy I get this:
# ifconfig rl1 inet 192.168.3.1 netmask 255.255.255.0 alias
ifconfig: ioctl (SIOCAIFADDR): File exists
Is this a bug or a feature? ;-)
Regards
Bastian
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
