I'm having a problem with a DNAT.
I have multiple Tomcat applications running on a box on one interface:
app1 - 172.16.35.2 and port 8080
app2 - 172.16.35.2 and port 8081
Now I've created two DNAT rules to support these applications as http:

DNAT
Traffic Source: corpNet-192.169.1.0/24
Traffic Service: http
Traffic Destination: app1-VIP-172.16.35.4
Destination: appsrv-172.16.35.2
Destination Service: tomcat-8080
Automatic PF Rules Enabled

DNAT
Traffic Source: corpNet-192.169.1.0/24
Traffic Service: http
Traffic Destination: app2-VIP-172.16.35.5
Destination: appsrv-172.16.35.2
Destination Service: tomcat-8081
Automatic PF Rules Enabled

Now I can't access either application. Telnet just times out as if the firewall is blocking the connection.
No denies are showing in the PF logs.
I thought maybe it's a proxy ARP issue since these are not live IPs, but since the FW is the default gateway I shouldn't need a proxy ARP, since it should xlate the address once the traffic is attempted to be routed? Even if that were the case, applying any additional interfaces on the FW (which seems to be the only UI way to get an ARP) binds the portal to it, negating my need for http/https port translation.
Any ideas on what I can change to make this work?