Mmmm. bridging CPE, make sure its not proxy arping. Check your RIP, if its turned on, on both the wrap and Csico, should be seen.
Where is the IP that is doing NAT located, on the RB450? The only way I had that work correctly was to drop all chain rules and tell NAT to source 10.0.0.0/8 when going out dst interface. I have 2 routers at the core one for BGP & etc upstream, the other for NAT and in building hand-off (couple lans's and wireless, then the BH's to the rest of the network + the hotspot). RickG wrote: > I agree but traceroutes run perfectly. Just to be clear, here is the setup: > Inet->RB450G(Firewall)->WRAP/StarOS->CPE->Customer Device (Cisco). > The subnet is 204.62.63.76/30. > RB450G has the subnet defined in the filter rules as chain forward. > The wireless interface on the WRAP has 204.62.63.77 assigned. > The CPE is in bridge mode so its on a private IP. > The Cisco has 204.62.63.78 assigned to ether1. > All with a 255.255.255.252 subnet mask. > I tested with my laptop in place of the router. > One strange item I noticed. I'm running RIP and it does not see the WRAP > with 204.62.63.77 assigned. > Any other ideas? > -RickG > > On Fri, Dec 18, 2009 at 5:13 PM, jree...@18-30chat.net < > jree...@18-30chat.net> wrote: > >> Routing or firewall setup issues. I pass a /24 and a /8 (NAT) across my >> entire >> network. I use one place of NAT (well a few users still have in house NAT) >> I >> would do traceroutes from and to the end IPs and see where things start to >> look >> wrong. >> >> RickG wrote: >>> OK, I've got a good one. I’m trying to pass public subnets to a couple of >>> customers. They worked before I switched them to a new, closer tower. >>> Bascially, it will not show the public IP when checking at >>> whatismyip.combut rather my firewall ip. Obviuosly, I can get on the >>> net with the public >>> ip's. What's weird is that it works at my office which is on the same >> tower >>> although it is a different access point. However, the AP's are the both >>> WRAP/StarOS units. My AP is running 5GHz and the customers is running >>> 2.4GHz. One other difference is that the customer's CPE is aNS2L and mine >> is >>> a NS5. I did try a Tranzeo CPQ as well. The only other difference is that >>> the customer is now only one hop from the firewall versus two hops >> before. >>> Any thoughts? >>> >>> -RickG >>> >>> >>> >> -------------------------------------------------------------------------------- >>> WISPA Wants You! Join today! >>> http://signup.wispa.org/ >>> >> -------------------------------------------------------------------------------- >>> WISPA Wireless List: wireless@wispa.org >>> >>> Subscribe/Unsubscribe: >>> http://lists.wispa.org/mailman/listinfo/wireless >>> >>> Archives: http://lists.wispa.org/pipermail/wireless/ >> >> >> -------------------------------------------------------------------------------- >> WISPA Wants You! Join today! >> http://signup.wispa.org/ >> >> -------------------------------------------------------------------------------- >> >> WISPA Wireless List: wireless@wispa.org >> >> Subscribe/Unsubscribe: >> http://lists.wispa.org/mailman/listinfo/wireless >> >> Archives: http://lists.wispa.org/pipermail/wireless/ >> > > > -------------------------------------------------------------------------------- > WISPA Wants You! Join today! > http://signup.wispa.org/ > -------------------------------------------------------------------------------- > > WISPA Wireless List: wireless@wispa.org > > Subscribe/Unsubscribe: > http://lists.wispa.org/mailman/listinfo/wireless > > Archives: http://lists.wispa.org/pipermail/wireless/ -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
