MUTLI WAN & NAT ??? [SOLVED - Reply#10]
-
FYI- You only have the port forward in there once. It should be in there twice (once for each WAN). The WAN rules look OK though.
rdr on nfe0 proto tcp from any to 24.212.178.88 port $Cloud -> $Server pass in log quick on $THOMSONWAN reply-to ( re0 198.84.211.65 ) proto tcp from any to $Server port $Cloud flags S/SA keep state label "USER_RULE: Allow Server to Cloud on ThomsonWAN" pass in log quick on $MOTOROLAWAN reply-to ( nfe0 24.212.178.65 ) proto tcp from any to $Server port $Cloud flags S/SA keep state label "USER_RULE: Allow Server to Cloud on MotorolaWAN" -
I saw port forwards for each. However, was it your intention to have your port forwards use two IP addresses for the redirect target IP? (10.10.10.20 and 10.10.10.30) I think using an alias with two (or more) addresses in it like that will make the forwarding cycle through the addresses in the alias on each connection attempt, using a different one each time.
-
? How could it only be in there once if NAT is working right now on both IP's, and yes. That example that server runs quad NIC's , the 2 there are used for public traffic.
-
So here we go.
This is a RAR with a Working Config and a RAR with a non working config.I send the password over PM to relevant People, because i dont know that i delete all passwords (or change them in the file to FFF/111)
http://www.marv21.de/RouterConfig.rar
-
? How could it only be in there once if NAT is working right now on both IP's, and yes. That example that server runs quad NIC's , the 2 there are used for public traffic.
Hmm I must have overlooked it, but now the rules.debug file is 404 so I can't check it again. Though Efonne is right about using multiple IPs in the target of a port forward. It will do round-robin connection alternating, it can't forward the same port to both systems and work for both at the same time.
And if you really want to do load balancing, use the load balancer, not a port forward, since a port forward with two entries would not be smart enough to remove a down host from the pool when it's not in use so half the connections would just fail. -
So here we go.
This is a RAR with a Working Config and a RAR with a non working config.I send the password over PM to relevant People, because i dont know that i delete all passwords (or change them in the file to FFF/111)
http://www.marv21.de/RouterConfig.rar
In your "don't work" folder the config.xml has two GW_WAN entries, but otherwise I don't see anything there that looks obviously out of place upon first glance. The rules have reply-to, so the default gateway shouldn't matter for items hitting the port forward. Though one of your WANs is getting double NAT, so that doesn't help, but it shouldn't interfere. USB nics (your ue0) are crappy in general but shouldn't affect it either.
I see you completely reconfigured the two NICs between those two configs, swapping them between "wan" and "opt1". So as it currently is, does the port forward still only work on one WAN? Or does it work on both now?
-
With the "work not" config only the default Gateway works ( in this config the UM WAN ( the dynamic)).
AT all iam fine, i swaped the assignment of the WAN1 and WAN2 (em0 and ue0) and everything is ok.
Maybe i forgot to delete a Wan entrie (if i swaped the assignment there a two dynamic Gateways for UM), but i correct that, but i doenst help.
-
Hey, Sorry not sure why it was deleted. It's back on same version. Ok I understand to use load balance if I was going to load balance against 2 web servers to a single nat ip.. but this is not what I am doing or my problem at that.
my problem is that the multi wan wont nat , even if I have 1 ip of the servers , so forget " dual server ips ". I still have issues with it allowing nat out on the port. this should work…correct ?
-
Hey, Sorry not sure why it was deleted. It's back on same version. Ok I understand to use load balance if I was going to load balance against 2 web servers to a single nat ip.. but this is not what I am doing or my problem at that.
my problem is that the multi wan wont nat , even if I have 1 ip of the servers , so forget " dual server ips ". I still have issues with it allowing nat out on the port. this should work…correct ?
BAD Question, but… Are u trieing it from the outside of your LAN?
-
of course ;)
