Yes, I was accessing the external IP address from a different network. E.g. The 100.x.y.z is on ISP A, I tried to access it from a computer with IP 200.p.q.r on ISP B.
Rgds, On 2011-01-06, Abdulrehman <[email protected]> wrote: > You can not access the public IP address of the same IP pool. You have this > 100.2.2.8/25 on your WAN interface. Check this 100.2.2.9:53 from outside > your network. From inside, you can not use this (100.2.2.9:53) address to > query your DNS. Use the internal network address of the DNS server. > > On Thu, Jan 6, 2011 at 10:58 AM, Pandu Poluan <[email protected]> wrote: > >> Hello again! >> >> I think I'm having trouble with VIP. >> >> The scenario is this (IP addresses obfuscated): >> + WAN address is 100.2.2.8/25 >> + LAN address is 192.168.1.1/24 >> + I create a VIP, CARP, 100.2.2.9/25 >> >> Now, I tried to make a NAT: >> + 100.2.2.9:53 forwards to 192.168.1.20:53 >> + A firewall rule is automatically created >> >> However, all attempts to contact the DNS Server via 100.2.2.9:53 fail. >> >> If I try ping-ing an external IP address from the DNS Server >> (192.168.1.20), it works. >> >> Where did I go wrong? >> >> -- >> Pandu E Poluan >> > > > > -- > > > Regards > Abdulrehman > -- -- Pandu E Poluan - IT Optimizer My website: http://pandu.poluan.info/ --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
