Double nat problems
-
Hi all!
I need some help in getting my new setup working. I have an HA setup with two “Super Micro XG-1541”
“fw01-a & fw01-b” (MASTER SETUP)
All working and running perfectly, BUT now I must set up a second HA setup behind my first setup because I must prepare for a company split.
Second HA setup is running and working with failover, and sync from a – b
“fw01-bit-a & fw01-bit-b” (SECOND SETUP) LAN IP: 192.168.16.0/24
What I did:
(MASTER SETUP)
Added Interface OPT1 on “fw01-a 192.168.2.2 & fw01-b 192.168.2.3”
Virtual IP 192.168.2.1/24 CARP
(SECOND SETUP)
On “fw01-bit-a & fw01-bit-b”
fw01-bit-a WAN IP: 192.168.2.11
fw01-bit-b WAN IP: 192.168.2.12
Virtual IP: 192.168.2.10/24 CARP
What I can get to work. :-)
On “MASTER SETUP”
NAT public IP E.G. xxx.xxx.xxx.82 to 192.168.2.82 - NAT Ports 1-65535
On “SECOND SETUP”
NAT 192.168.2.82 to 192.168.16.5 – NAT E.G. HTTPS
From Internet I can now access xxx.xxx.xxx.82 and get response from 192.168.16.5
ALL IS GOOD
BUT what I cannot get to work:
I want to be able to go from machines at (MASTER SETUP) OPT2 (192.168.35.0/24) to
(SECOND SETUP) LAN E.G. 192.168.16.5
This I just cannot get to work.
Any HELP?
-
You have to add a static route on the first firewall for the networks behind the second, pointing to the WAN IP of the second.
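
The routing decision behind this reply, as an added example that is not part of the original thread: a longest-prefix lookup on the master firewall for 192.168.16.5, before and after a static route for 192.168.16.0/24. Assumptions: the WAN subnet and upstream gateway are constructed (203.0.113.0/24), and the CARP VIP 192.168.2.10 is used as the gateway so the route follows a failover of the second pair.

```python
import ipaddress

# Master firewall (fw01-a/b) interfaces as given in the thread; the WAN
# subnet and upstream gateway are constructed (documentation range).
CONNECTED = {
    "WAN": ipaddress.ip_network("203.0.113.0/24"),    # constructed
    "OPT1": ipaddress.ip_network("192.168.2.0/24"),
    "OPT2": ipaddress.ip_network("192.168.35.0/24"),
}
DEFAULT_GW = ipaddress.ip_address("203.0.113.1")      # constructed


def build_table(static_routes=()):
    """Return [(network, interface, gateway)] for the master firewall."""
    table = [(net, ifname, None) for ifname, net in CONNECTED.items()]
    table.append((ipaddress.ip_network("0.0.0.0/0"), "WAN", DEFAULT_GW))
    for dest, gw in static_routes:
        dest, gw = ipaddress.ip_network(dest), ipaddress.ip_address(gw)
        # A static route's gateway must sit on a directly connected
        # network, otherwise the firewall cannot reach it.
        ifname = next((n for n, net in CONNECTED.items() if gw in net), None)
        if ifname is None:
            raise ValueError(f"gateway {gw} is not on a connected network")
        table.append((dest, ifname, gw))
    return table


def lookup(table, dst):
    """Longest-prefix match: return (interface, gateway) used for dst."""
    dst = ipaddress.ip_address(dst)
    matches = [route for route in table if dst in route[0]]
    _, ifname, gw = max(matches, key=lambda route: route[0].prefixlen)
    return ifname, str(gw) if gw is not None else "on-link"


if __name__ == "__main__":
    before = build_table()
    # Assumption: gateway is the second pair's CARP VIP on its WAN side.
    after = build_table([("192.168.16.0/24", "192.168.2.10")])
    for label, table in (("before", before), ("after", after)):
        print(label, lookup(table, "192.168.16.5"))
```

Without the static route, traffic from OPT2 to 192.168.16.5 matches only the default route and leaves through the WAN; with it, the traffic is handed to the second pair over OPT1.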