Non-virtual ip address getting filtered



  • I have 5 ips from my provider which I use 4.  I keep the last one as a monitoring and testing address outside of the firewall.  Since upgrading to 2.0.2, the ip works fine as a virtual ip but when I try to put it on separate machine along side the external fw ip somehow its getting blocked/filtered from reaching the default gateway and beyond. worked fine in 2.0.1.  Any ideas?



  • Has nothing to do with your firewall. You can't move IPs around like that without clearing the upstream ARP cache, which may be impossible short of calling your ISP depending on the type of connection you have. Or wait for its ARP cache to timeout, which is generally 4 hours by default.



  • Didn't even cross my mind.  Because it was once a virtual ip, will I have to disconnect the firewall all together to clear the arp cache of the address?



  • No, once the VIP is removed, the ARP cache timeout process starts at that point.


Locked