Hello,
I've been using ASL 2.0 for quite some times now and it really is great except for a small nuance.
I have web servers and my ASL at a co-location site which have the same subnet mask for all the public ip nos.
Right now,my configuration is as follow:
External : 203.121.68.220(255.255.255.0)
Internal : 203.121.69.33(255.255.255.0)
My web servers sit on 203.121.69.30 and 203.121.69.31 respectively.
Currently, I use packet filter rules on ASL for incoming connection.
My problem is, other client who also co-located on the same data centre as I do have been complaining about my configuration. This client seems to think that my ASL have been sniffing the network. The problem occurs whenever he reboot his Win2k server(ip no 203.121.69.26/255.255.255.0), these server will lose it's ip address and instead getting an ip conflict error. Further checking(pinging and trace route) points the IP that he should have had, point to my ASL. Even when trace routing unused ip(example 203.121.69.20),the trace route will still go thru my ASL box.
I've been trying a lot of setting on my ASL(including direct routing, enabling/disabling proxy ARP) but nothing seems to work.
The only interim solution that I have right now is unplugged my ASL temporaryly whenever that client reboot his server, which I admit is quite dumb.
Can anybody help or give me any idea on what to do ? [:(]
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
