[RESOLVED] https through virtual IP
-
try without destination alias
how do you have public ip's? are you having continous block or something else? -
Ok, I changed the entry to replacing the alias with the Ip of the server.
Same result.
Yes, it's a block. (162-165) And I'm reaching the firewall from the outside wold with the .163 because I get the Firewall block entries at the exact time I try to access from the outside world. The .162 is the regular address. I used the 163 in the past (hooked up to another physical firewall), I stopped using it for a while, it is possible that the provider changed something, but I doubt it.
I haven't posted the entry itself in NAT. Here is the screenshot of that.
-
It's fixed!
Thank you, when you asked about the block, I kept thinking, so I went and rechecked everything, duhhhh, how stupid of me, the subnet mask was WRONG.
Geez,
Thank you!
-
It's ok, but you're showing again your public ip's
-
So I set everything back to how I wanted it originally, and for the record having the destination Alias works fine.
Thanks for the Public/IP warning. I'll take it out again. Thanks.
Is there a way one can mark threads as "Answered" here?
-
edit your first post subject with [SOLVED]
-
Nevermind, it isn't solved. Having the same problem again. I have no clue as to why it started working and after a while it stopped working.
Any ideas of what else too look for?
-
Well I Fixed it again.
I think I found a bug.
Whenever you make and changes to the System Advanced Firewall/NAT window, it changes the IP Alias to Network, rather than the Single address, which of course breaks this. Uggh…
Anyways, messing around the screen, I can't remember what the defaults where for this was, can someone remember me which ones should be check?
Disable NAT Reflection for port forwards:
Disable NAT Reflection for 1:1 NAT :
Automatically create outbound NAT rules...:Thanks,
-
I was wrong, changes in the System Advanced screen do not change the label Network. The label Network is changed whenever you use anything other than a /32 mask.
It turns out that it works just fine with the mask /32
Whenever I re-save the Virtual IP it starts working again.
But I just noticed something else I got the log entry:
kernel: arp: 00:1e:58:39:1a:1e is using my IP address 200.XXX.XXX.163 on vr0!So I guess the provider did change something and that IP is assigned to something else, that would explain the weird erratic behavior. The provider was absorbed by another provider, so I think that's the origin of the problem.
Anyhow, thanks and please do let me know what the defaults are for:
Disable NAT Reflection for port forwards:
Disable NAT Reflection for 1:1 NAT :
Automatically create outbound NAT rules…: -
Disable NAT Reflection for port forwards:
Disable NAT Reflection for 1:1 NAT :
Automatically create outbound NAT rules…:I'm not sure if i have default settings, but working settings: check, check & uncheck
-
Thanks!