Cannot get it right: mixing AON with 1:1 mappings
-
Hi,
I have a dual wan setup (load balancing) with its AON rules working aparently fine for internal reserved-networks addresses in the LAN.
I also have several NAT 1:1 mappings from public virtual ips (Ip Alias) on one WAN interface to several internal LAN (reserved-network) IPs.
Here's where I'm not sure if I'm getting it right, or funky things are taking place: I understand 1:1 nat will take care of outgoing connections by setting the source address to the public IP, e.g.
WAN pu.bli.c.ip
IP Alias pu.bli.c.ip < –- > 192.168.1.3All ips but 192.168.1.3 will get natted for outgoing connections to the internet, so that they will look as if they were coming from WAN pu.bli.v.ip
192.168.1.3 due to its 1:1 nat should make its source address 'IP Alias pu.blic.ip' on outgoing connections.So, should a NO NAT rule be placed (AFAIK it should be the last??? am I wrong??) so that NO NAT is done if source address is 192.168.1.3??? where? before or after the regular outbound NAT rule for all the regular internal IPs??
I tried several configs and is funny for 192.168.1.3 some connections are natted correctly using "IP Alias pu.bli.c.ip" but some don't, and get natted through any of the 2 WAN NAT rules.
Yes, I did reset states between changes.