Greetings-
I have a box running 5.210 with 4 NICs: 1 internal, 1 DMZ, and 2 external IPs.
External1: x.x.x.132 (255.255.252.0)
External2: x.x.x.133 (255.255.252.0)
Internal: y.y.y.n (255.255.255.0)
DMZ: z.z.z.n (255.255.255.0)
I have a web server (x.x.x.130) on the same external network/subnet as the 2 external NICs in my Astaro box. I am setting up a web chat app that needs to connect to an internal (y.y.y.21) machine for live web chat support. I have a NAT rule that says take any request from ‘ANY’ to the external card x.x.x.132 for the service using port 5223 and NAT to y.y.y.21/same service, and masq on internal. I also have a packet filter rule that says anything from ‘ANY’ to y.y.y.21 action/allow.
When I try to establish the connection, it times out and gives me an error that it cannot connect. I loaded up my live log and saw the following while attempting to connect:
11:45:09 x.x.x.130 58567 -> y.y.y.21 5223 TCP 60 63 Spoofing MAC ->
11:45:12 x.x.x.130 58567 -> y.y.y.21 5223 TCP 60 63 Spoofing MAC ->
And it gets dropped, I guess. Is there some way to adjust the Spoofing rules such that I can get this to work correctly? Or is something else going on?
I tried creating rules that specifically allow traffic from the web server to the internal machine, but I still get the same error.
Any help would be greatly appreciated!
Regards,
Claud1e