Uhhh, cause you just said what I said? Would the LAN IP not also be the physical server IP? :)
--Bill On 11/10/05, Scott Ullrich <[EMAIL PROTECTED]> wrote: > If that is the case then why does "Automatically create a rule" creat > a firewall rule permitting traffic to the LAN IP? > > On 11/10/05, Bill Marquette <[EMAIL PROTECTED]> wrote: > > NAT occurs before filtering. You need a rule on the WAN interface > > allowing connections to the physical server IPs. > > > > --Bill > > > > On 11/10/05, Lee Hetherington <[EMAIL PROTECTED]> wrote: > > > I have. On the wan interface, im allowing anything to connect to the vip > > > 85.116.30.1 address on port 25 > > > > > > Do I need any others? > > > > > > > > > Scott Ullrich wrote: > > > > > > >Perhaps you need firewall rules!? > > > > > > > >On 11/10/05, Lee Hetherington <[EMAIL PROTECTED]> wrote: > > > > > > > > > > > >>0.92 Latest > > > >> > > > >>For some reason left is master for the carp of the smtp and right is > > > >>master of the carp for the external (routing)... > > > >> > > > >>On the machine which is the inbound carp I have: > > > >> > > > >>DENIED: > > > >> > > > >>Aug 13 16:12:12 WAN 81.174.235.11.34623 85.116.30.1.25 > > > >>TCP > > > >> > > > >> > > > >>On the machine which is the smtp carp I have: > > > >> > > > >>DENIED: > > > >> > > > >>Nov 10 16:20:48 WAN 81.174.235.11.34683 192.168.7.1.25 > > > >>TCP > > > >> > > > >> > > > >>Looks like one of them has the wrong date too :) > > > >> > > > >>Scott Ullrich wrote: > > > >> > > > >> > > > >> > > > >>>1. What version > > > >>>2. What do you see in the firewall filter logs regarding these > > > >>>connections > > > >>> > > > >>>On 11/10/05, Lee Hetherington <[EMAIL PROTECTED]> wrote: > > > >>> > > > >>> > > > >>> > > > >>> > > > >>>>Ok, > > > >>>> > > > >>>>I have left and right pfsense boxes. On my opt1 interface I have a > > > >>>>carp > > > >>>>setup: 85.116.x.1/27 is the network im using. My internal network is > > > >>>>then 192.168.x.0/24 > > > >>>> > > > >>>>I have 85.116.x.1 assigned as the virtual > > > >>>>I have 85.116.x.2 on left > > > >>>>85.116.x.3 on right > > > >>>> > > > >>>>I want to load balance 85.116.x.1 inbound on port 25 to a pool i have > > > >>>>setup which contains: > > > >>>> > > > >>>>192.168.x.1 > > > >>>>192.168.x.4 > > > >>>> > > > >>>>The left and right also have > > > >>>> > > > >>>>192.168.x.254 as virtual > > > >>>>192.168.x.252 on left > > > >>>>192.168.x.253 on right > > > >>>> > > > >>>>I have a firewall rule which allows * to connect on port 25 to the > > > >>>>carp > > > >>>>address which is 85.116.x.1 > > > >>>> > > > >>>>The tcp connection just times out. At one point it was in the log > > > >>>>saying "bad gateway 85.116.x.1" > > > >>>> > > > >>>>Other than this, its exactly as described in the IncomingLoadBalancing > > > >>>>example on the wiki. > > > >>>> > > > >>>>Lee > > > >>>> > > > >>>> > > > >>>>Scott Ullrich wrote: > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>>>Many people have followed these and they work. You'll need to > > > >>>>>provide > > > >>>>>more information of how its all setup and what doesn't work. > > > >>>>> > > > >>>>>On 11/10/05, Lee Hetherington <[EMAIL PROTECTED]> wrote: > > > >>>>> > > > >>>>> > > > >>>>> > > > >>>>> > > > >>>>> > > > >>>>> > > > >>>>>>Hi Scott, > > > >>>>>> > > > >>>>>>I followed those exactly. And yet I still have no Joy :( > > > >>>>>> > > > >>>>>>Can anyone suggest anything which I may need to tick or the such > > > >>>>>>which > > > >>>>>>may prevent this from working? > > > >>>>>> > > > >>>>>>Regards > > > >>>>>> > > > >>>>>>Lee > > > >>>>>> > > > >>>>>> > > > >>>>>> > > > >>>>>>Scott Ullrich wrote: > > > >>>>>> > > > >>>>>> > > > >>>>>> > > > >>>>>> > > > >>>>>> > > > >>>>>> > > > >>>>>> > > > >>>>>>>Try visiting these docs: > > > >>>>>>> > > > >>>>>>>http://wiki.pfsense.com/wikka.php?wakka=OutgoingLoadBalancing > > > >>>>>>>http://wiki.pfsense.com/wikka.php?wakka=IncomingLoadBalancing > > > >>>>>>> > > > >>>>>>>Scott > > > >>>>>>> > > > >>>>>>> > > > >>>>>>>On 11/10/05, Lee Hetherington <[EMAIL PROTECTED]> wrote: > > > >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > >>>>>>>>Hi, > > > >>>>>>>> > > > >>>>>>>>Im new to pfsense and have two machines running 0.92 both with 2x > > > >>>>>>>>Dual > > > >>>>>>>>Port 100+ Intel Management adaptors. I cannot for the life of me > > > >>>>>>>>get > > > >>>>>>>>load balancing working. Here is how I have them setup: > > > >>>>>>>> > > > >>>>>>>>left.pfsense > > > >>>>>>>> > > > >>>>>>>>fxp1 Lan > > > >>>>>>>>fxp2 Cross Over cable to right.pfsense for sync > > > >>>>>>>>fxp3 DMZ Servers > > > >>>>>>>>fxp4 WAN > > > >>>>>>>> > > > >>>>>>>>right.pfsense > > > >>>>>>>> > > > >>>>>>>>fxp1 Lan > > > >>>>>>>>fxp2 Cross Over cable to right.pfsense for sync > > > >>>>>>>>fxp3 DMZ Servers > > > >>>>>>>>fxp4 WAN > > > >>>>>>>> > > > >>>>>>>>On my internal lan and wan I have carp's setup with virtual ip's. > > > >>>>>>>>I wish > > > >>>>>>>>to use one of my virtual ip's to load balance mail to 2 servers > > > >>>>>>>>on my > > > >>>>>>>>internal lan. I have it all setup as per on the wiki but I > > > >>>>>>>>cannot get > > > >>>>>>>>anything through to the mailservers on the internal lan. I have a > > > >>>>>>>>firewall rule which allows * to connect to the virtual ip on port > > > >>>>>>>>25. > > > >>>>>>>> > > > >>>>>>>>Any ideas? please help. > > > >>>>>>>> > > > >>>>>>>>Lee > > > >>>>>>>> > > > >>>>>>>>--------------------------------------------------------------------- > > > >>>>>>>>To unsubscribe, e-mail: [EMAIL PROTECTED] > > > >>>>>>>>For additional commands, e-mail: [EMAIL PROTECTED] > > > >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > >>>>>>>--------------------------------------------------------------------- > > > >>>>>>>To unsubscribe, e-mail: [EMAIL PROTECTED] > > > >>>>>>>For additional commands, e-mail: [EMAIL PROTECTED] > > > >>>>>>> > > > >>>>>>> > > > >>>>>>>____________________________________________________________________ > > > >>>>>>>This e-mail has been scanned for viruses by Mailsauce. For further > > > >>>>>>>information visit http://www.mailsauce.com > > > >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > >>>>>>--------------------------------------------------------------------- > > > >>>>>>To unsubscribe, e-mail: [EMAIL PROTECTED] > > > >>>>>>For additional commands, e-mail: [EMAIL PROTECTED] > > > >>>>>> > > > >>>>>> > > > >>>>>> > > > >>>>>> > > > >>>>>> > > > >>>>>> > > > >>>>>> > > > >>>>>> > > > >>>>>--------------------------------------------------------------------- > > > >>>>>To unsubscribe, e-mail: [EMAIL PROTECTED] > > > >>>>>For additional commands, e-mail: [EMAIL PROTECTED] > > > >>>>> > > > >>>>> > > > >>>>>____________________________________________________________________ > > > >>>>>This e-mail has been scanned for viruses by Mailsauce. For further > > > >>>>>information visit http://www.mailsauce.com > > > >>>>> > > > >>>>> > > > >>>>> > > > >>>>> > > > >>>>> > > > >>>>> > > > >>>>> > > > >>>>> > > > >>>>> > > > >>>>--------------------------------------------------------------------- > > > >>>>To unsubscribe, e-mail: [EMAIL PROTECTED] > > > >>>>For additional commands, e-mail: [EMAIL PROTECTED] > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>--------------------------------------------------------------------- > > > >>>To unsubscribe, e-mail: [EMAIL PROTECTED] > > > >>>For additional commands, e-mail: [EMAIL PROTECTED] > > > >>> > > > >>> > > > >>>____________________________________________________________________ > > > >>>This e-mail has been scanned for viruses by Mailsauce. For further > > > >>>information visit http://www.mailsauce.com > > > >>> > > > >>> > > > >>> > > > >>> > > > >>> > > > >>> > > > >>> > > > >>--------------------------------------------------------------------- > > > >>To unsubscribe, e-mail: [EMAIL PROTECTED] > > > >>For additional commands, e-mail: [EMAIL PROTECTED] > > > >> > > > >> > > > >> > > > >> > > > > > > > >--------------------------------------------------------------------- > > > >To unsubscribe, e-mail: [EMAIL PROTECTED] > > > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > >____________________________________________________________________ > > > >This e-mail has been scanned for viruses by Mailsauce. For further > > > >information visit http://www.mailsauce.com > > > > > > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
