Hi,
we are transforming our internal lan to another ip adress range. Therefore we create a additional ip for the internal nic, eth0a.
Some clients have download files from external ftp-servers, realized by packet filter. We removed the service ftp from HTTP-Proxy. In the past they download their pattern files etc. from external servers. After switching these clients to the new lan and changing the packet filter rule they cannot connect to the ftp server. There are not even entries in the log. Logging for ftp data connections is enabled.
I assume the reason is in the masquerading rules.
We have two masquerading rules
eth0 -> extern
eth0a -> extern
Is it really impossible to use two different masquerading rules to one lan?
Is it really impossible to use a masquerading rule on an additional address?
Maybe I am wrong. Probably it is not a masquerading problem but do you have any other ideas?
Thank you for your help
kind regards
Karl.
This thread was automatically locked due to age.