Bill Marquette wrote:
On 11/24/05, Rainer Duffner <[EMAIL PROTECTED]> wrote:
OK, I finally solved it.
The key to 1:1 NAT is that you also need to proxy-arp for the IPs in
question.
Otherwise, the router wouldn't know what to do with the packets...
Yeah, that's a bug, we should be enforcing that a virtual IP exists
for each 1:1 NAT. I'll try and poke at that today.
I don't know if it is a bug.
Though other firewalls probably do that automatically, the real problem
was that I didn't know it had to be done ;-)
cheers,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
