Port forwarding

Hi, everyone

I’ve got HA ClusterXL with 3  VIP interfaces (1 WAN and 2 LAN) (see attached pic1).

When I do port forwarding for LAN – its works fine (smtp).

But for VIP DMZ – it doesn’t works (ftp)

In logging everything – OK – rule is working, but in the NAT section (pic 2) destination – wrong server (cloud). The cloud – has own rule for publishing (smtp).

We have only one public IP.

What should I do to make port forwarding working correctly?



Re: Port forwarding

I did it myself.

Manual NAT - no more

Re: Port forwarding

I don't quite understand the problem.

- Can you see an arp entry for the VIP?

- Create a manual NAT rule!

- Add a proxy arp address if necessary!

What does a fw monitor show?

# fwaccl off

# fw monitor -e "accept(src=<host> or dst=<host>);"



Re: Port forwarding

Thanks for reply, Heiko

I did manual NAT rules.

Everything is working well.