4. Routing question with CARPS & Bridged

Routing question with CARPS & Bridged

  • M

    Hello,

    I use pfsense 1.2b1 in a datacenter for colocation, i have 62 public IP's from xxx.xxx.xxx.128 to 191, the colocation gateway is xxx.xxx.xxx.129, subnet mask 255.255.255.192

    I have 4 nic's, my pfsense ip is xxx.xxx.xxx.130

    WAN (xxx.xxx.xxx.130/26, Gateway : xxx.xxx.xxx.129)
    |
    LAN (192.168.2.1/24)
    |
    OPT1 (bridged with WAN)
    |
    OPT2 (LAN2, 192.168.1.1/24)

    I want use 8 public IP's from my 64 IPs to do NAT on LAN2
    So I create 8 VIPs (xxx.xxx.xxx.176-184) and create NAT 1:1 to my LAN2

    The problem is the 8 Ip's i used with VIPs(CARPS) are in the subnet xxx.xxx.xxx.130/26 bridged with WAN.
    So when a packet arrive, it's send to the OPT1 interface & OPT2, i create a simple rule on the firewall for ICMP from WAN to my VIPs adresse, and one rule on my OPT2 to WAN, no problem everyting work fine.
    But i always have in my firewall log and deny message for this packet :
    if : OPT1 | destination xxx.xxx.xxx.176

    How to resolve this routing problem ?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy