Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Half my rules working, half not

    Scheduled Pinned Locked Moved
    NAT
    2
    3
    1.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rugby
      last edited by

      Okay, this is frustrating.

      I tried to swap our firewall in our datacenter this morning early after setting up identical rules on an Alix box to the SG560 that's currently in there.  I got it swapped, and half our port forwards did not work.  The weird thing is that there is only one Alias port group for NAT, we run 6 identical servers running the same processes, just on different IP internal IP addresses.  Of the 6, 3 worked just fine, 3 did not nat properly.

      I originally setup the Virtual IP's as Proxy ARP addresses, but none of them worked.  I then switched them to "other" and then they seemed to start working.

      Any ideas?

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Upstream equipment probably had the MAC addresses of the old box in its ARP cache.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • R
          rugby
          last edited by

          @jimp:

          Upstream equipment probably had the MAC addresses of the old box in its ARP cache.

          Interesting, let me check on that.  I need to replace that firewall and am not having a great experience with it.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.