We've just transition from using IPCop 1.4.13 to using pfSense 1.2-RC2. The transition wasn't so bad. However we are having problems with jabber connections now.
Our ejabberd (version 1.1.2-6, from the Etch Debian package) runs inside a vserver in our dmz zone. Our domain name jabber.strategicdata.com.au resolves to the IP address on the WAN interface (not an Virtual IP). We have configured NAT rules to port forward the connections to the ejabberd vserver. This works for clients connecting from the Internet. It also works for clients connecting from the LAN that connect directly to the vserver address. However if a LAN client connects to jabber.strategicdata.com.au, and hence to the public IP address, they can connect, and they get disconnected a few minutes later. Does anyone know how I can debug this further? The ejabberd logs currently show that the dropping clients have a source IP address that corresponds to the dmz interface IP address on the pfSense router. The logs from when we were running IPCop 1.4.13 showed that ejabberd saw the connections coming from the LAN interface IP address. I'm not sure if this is significant, because in both cases the IP address doesn't correspond to where the client really is coming from. -- Geoff Crompton Debian System Administrator http://www.strategicdata.com.au Phone: +61 3 9340 9000 Fax: +61 3 9348 2015 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
