IP address on the WAN not expected when coming from a NAT+shaped+LAN host



  • Hey all,

    Thanks, as always, for the superb software. We simply love it. As soon as we get snort running, I think we're about perfect position.

    Quick question for you: we have a pretty straight forward & simple config', where we 1-to-1 NAT all public-to-private IP's, 32 public IP's & 32 private IP's, works fine, when a box on the LAN hits www.whatismyip.org it shows as coming from the correct/expected public IP. Except for one software on one box. We have shaped traffic for VoIP, specifically IAX (udp/4569) and when that box hits our carrier, it shows as coming from the IP bound to the WAN interface of the firewall. Why is this? Does all shaped traffic appear as from the firewall & not the public side of the 1-to-1 NAT? Do we want this? Do we care? The reason this came up is that the carrier allows us one extra (& I like it & think it makes sense) layer of security insofar as allowing us to specify the IP of the our Asterisk box, which we use, and it shows as a different IP than I expected. This isnt something just related to udp/4569, is it?

    Thanks for al the information.

    Cheers.

    Jason Sjobeck
    www.sjobeck.com


Log in to reply