Has anyone checked if this is present in 4.5? If so we should aim to have a fix available with 4.5.1
-- Erik On Wed, Mar 18, 2015 at 10:47 AM, Paul Shadwell <shadw...@me.com> wrote: > I also have this problem, it effects running vPBX/VoIP services behind a > VR. > > In fact any service that requires a view on incoming IPs and domain names. > > For example fail2ban will block ALL access to ssh because it only ever > sees the VR IP address. > > Upgrading to 4.3.2 did not fix it. > > This needs fixing urgently. > > Best regards > > Paul > > > > > On 17 Mar 2015, at 14:01, Andrija Panic <andrija.pa...@gmail.com> wrote: > > > > Hi, > > > > is anybody willing to share the result from the folowing command, run in > VR > > (VPC VR): > > > > iptables -t nat -nvL > > > > This should preferable be run from SSH-to-VR, instead of > > ConsoleProxy-to-VR, because of nice output over SSH. > > > > > > It seems in 4.3.0 and 4.3.2, SNAT is done on ALL incoming connections, no > > matter to WHAT IP the traffic from internet came - primary IP, or > > additional one that is used for i.e. Static NAT - so SNAT rules always > > replace remote cleint IP with MAIN IP of the VPC... > > > > Please share your examples - this is serious bug in my opinion, and I wil > > raise JIRA - but would like some examples from other guys first. > > > > THanks, > > > > -- > > > > Andrija Panić > >
