Update: Just like yesterday at the office, it randomly works again...but I'll leave this post up for anyone's benefit
I know this is a topic that gets posted a lot (because I've read all of the posts) but I still can't get it working. Can someone please point out what I'm doing wrong here, or I'm going to have to buy a less confusing firewall out of pocket for our small business.
We have our traffic coming in and out of the LAN through wan_ip fine, but setting up this second external IP is proving to be a nightmare. Here is my setup:
Address Book
lan_ip = 10.1.1.1
lannet = 10.1.0.0/16
lan2 = 10.1.5.1 -- IP of FTP
2 external WAN IP
wan_ip = xx.xx.xx.xx -- regular traffic
wan_ip2 = xx.xx.xx.xx -- external IP of FTP
Rules:
Group: lan2_to_wan
a) SAT, all_tcpudp
Source: lan, lan2
Destination: wan, all-nets
SAT: Translate the Source IP to new IP wan_ip2
b) NAT, all_tcpudp
Source: lan, lan2
Destination: wan, all-nets
NAT: Specify sender address: new IP wan_ip2
Group: wan_to_lan2
a) SAT, all_tcpudp
Source: any, all-nets
Destination: wan, wan_ip2
SAT: Translate the Destination IP to new IP lan2
b) NAT, all_tcpudp
Source: any, all-nets
Destination: wan, wan_ip2
NAT: Use interface address
ARP:
Public, Interface: wan, IP: wan_ip2, mac: 00-00-00-00-00-00
I don't think I need any Routes since 10.1.5.1 is part of my lan/lannet route, and wan_ip2 is part of the wan/wannet route.
If I'm on the lannet LAN, I can connect to the FTP via both lan2 and wan_ip2. But if I try to connect from outside of the network (such as from my house), I don't get a connection and I don't see any relevant information in the logging. After I get all of this working, I want to set up a wan_ip3 as well (for our phones) so it's even more important to get these figured out.
Author
Topic: DFL-210 Multiple WAN IP (Read 3563 times)