BASIC NAT! and Routing REAL EASY I'M SURE! PLEASE HELP



  • Guys, I have a dilemma! Which I'm sure all you clever guys can point me in the right direction on.

    Let me begin…

    I have some IPs given to me by my ISP in a /29, so let's just say I have been given 8 IPs, 6 usable! I'm sure you'll all agree. I will make up the usable network addresses.

    80.189.145.113
    80.189.145.114
    80.189.145.115
    80.189.145.116
    80.189.145.117
    80.189.145.118

    Right, OK, the first address is assigned to my Zyxel router. So I have an ADSL connection and the firewall and NAT switched off, so the LAN address is 80.189.145.113. Right, this is normal.

    OK, now I have a pfSense 2.0.1 box, so the IP of this box is the next one, 80.189.145.114, and the gateway is 80.189.145.113, which talks to the Zyxel to route out. OK, so now I go into the IP Alias section and then add in the addresses exactly:

    80.189.145.114/29
    80.189.145.115/29
    80.189.145.116/29
    80.189.145.117/29
    80.189.145.118/29

    OK, the next bit now is I'm going to use the NAT section to NAT, say, 3389 to one of my servers. If I port forward to the 114 address it's fine. Even port forwarding to the 115 address works FINE! Now 116 DOESN'T WORK!! WHY!!?? OK.... the 117 address WORKS! The 118 address WORKS!

    Please help, this is so annoying! I'm not stupid! Well, I don't think I am anyway!!

    Let me say something before people start giving me answers! I used to own a WatchGuard! So I'm migrating! I can say that the WatchGuard was working before I switched it off in this exact configuration! What's going on? If I go into the ping section of the pfSense box I can ping 80.189.145.116 and the Zyxel responds... So weird!

    Thank you guys!! xx



  • I had a similar kind of problem, but it was caused by the modem (the modem had one IP address and didn't route that anywhere). Why don't you do full bridging with your modem and also have the .113 address for other use?



  • Personally I hate it in bridge mode. If I get a problem with the ISP, I cannot log on to the router and resolve it if need be. And also they cannot detect if the service is down by a simple ping. That's why I have 6 usable IPs: 1 for the router and the rest for the firewall. Thank you for replying, but unfortunately it's not the answer I'm after. It doesn't make sense that it's only that IP; I'd maybe understand if it was the last address in the /29 group.



  • Are you sure that the one non-working IP address is set up the same way as the other working IPs, especially the subnet mask portion?



  • Thank you for your response again….

    The IP aliases have all been added in the same way. When creating the NAT rule and then testing it with the other aliases, they all work except for this one in the middle of the range. You do not specify a subnet mask, only the bit mask. So when I add the alias I make sure it's on the correct WAN, then enter the IP 80.189.145.116, then select /29 and simply click save and apply changes. Which is what I have done for the others.



  • @craigduff:

    You do not specify a subnet mask, only the bit mask.

    Sorry for not using the correct notation, but if you want help you might calm down a bit. Besides, I'm out of clues. You can try taking a packet capture to see if there is something there to help you.



  • I am calm lol. I am just trying to be as detailed as I can to stipulate the problem, that's all. What's the best packet capture package to use, and where would I find logs of a blocked incoming connection to the non-working IP? Thank you



  • Sounds like an IP conflict. You said you're pinging that IP, and some other device is answering, that would be an IP conflict.



  • OH MY GOD!!! I feel so stupid!!!!!!!!!!!!!!!!!! How basic is this! Thank you for saying it could maybe be an IP conflict! However, it wasn't! But it made me think... I just gave the router a reboot and now it's working! God sake! I hate computers!!!



  • Just want to say thank you to you all for the replies!! Appreciate all your help! I have only just joined this forum and I'm getting more and more confident with the product. Thank you again for a wonderful product!! I have implemented these boxes now for some of my clients! I'm that impressed! And I'm using it in my datacenter! Cheers x

