I suggest you compare your configuration with Kenneth who says he has multiple red IPs forwarding successfully with EFW 2.4.1.
Also, could you perform a test? SSH in to your EFW machine or go to the console and try to telnet to one of the secondary IPs that have a port forwarding rule defined and see if the traffic is correctly forwarded when tested in this manner. This is the test I performed on the virtualized setup that led to the likely conclusion that this is virtual network issue rather than an EFW specific issue. Example: let's say your primary IP is x.x.x.x and your secondary is x.x.x.y, define a forwarding rule on x.x.x.y pointing to an internal machine with an accessible service such as terminal services, smtp, imap, pop, etc - whatever which is what is not working under 2.4.1, then from a console/ssh session on the endian test with telnet: telnet x.x.x.y <port#> and see if the a connection is established thanks very much Farzan Qureshi-2 wrote: > > I am not running endian as VM appliance but as a physical host. My version > is 2.4.1. > > Wondering if it works for u under vm then i will move to vm scenario. > On Oct 22, 2011 12:12 PM, "rone" <r...@edisongroup.net> wrote: > >> >> Will do, could you please post what is your configuration so we can >> compare >> and gather further data? Version of Endian you have tested / which >> virtualization solution? >> >> Thanks >> >> >> Farzan Qureshi-2 wrote: >> > >> > Plz do post your findings as i am also running into same issues.. >> > On Oct 22, 2011 6:48 AM, "rone" <r...@edisongroup.net> wrote: >> > >> >> >> >> >> >> Thanks for the offer. Somewhat of a breakthrough last night. Am >> running >> >> EFW >> >> as a virtual machine under KVM and it seems that somehow packets are >> not >> >> actually making it to the EFW on the secondary IPs, seems something to >> do >> >> with the virtualization configuration although it is the first time >> I've >> >> seen this and have run a variety of OSs under the same setup. >> >> >> >> EFW 2.4.1 definitely had the issue with not forwarding traffic to any >> but >> >> the primary IP running directly on hardware which is why we switched >> to >> a >> >> virtualized setup. That particular installation has been replaced so I >> >> don't >> >> have an example to show on that one. >> >> >> >> Will pursue this from the virtualization side and post back here what >> I >> >> find. >> >> >> >> Thanks for the input. >> >> >> >> >> >> Kenneth Lundström wrote: >> >> > >> >> > If needed we could use Teamviewer and you can show your >> configuration, >> >> > >> >> > >> >> > Kenneth >> >> > >> >> >> Thanks, >> >> >> >> >> >> I would be extremely interested in what version you are running and >> >> what >> >> >> your port forwarding configuration is. I have spent many hours with >> >> this >> >> >> and >> >> >> have not been able to get any but the first / primary IP assigned >> to >> >> the >> >> >> red >> >> >> interface to forward any traffic to an internal IP. >> >> >> >> >> >> I am configuring rules as follows: >> >> >> >> >> >> Port forwarding / Nat rule: Access from type Any, Target: have >> tried >> >> any >> >> >> uplink as well as selecting the specific red IP desired. Any uplink >> >> works >> >> >> only on the primary IP. >> >> >> >> >> >> Filter policy is either allow or allow with IPS. >> >> >> >> >> >> Services are typically a single TCP port. >> >> >> >> >> >> Translate to: IP , DNAT policy: NAT. >> >> >> >> >> >> Insert IP: internal IP of server to be forwarded to, Port/Range: >> >> internal >> >> >> port to be forwarded to. >> >> >> >> >> >> >> >> >> Any advice or input would be greatly appreciated. >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> Kenneth Lundström wrote: >> >> >>> In what way can't you get it to work? >> >> >>> >> >> >>> I have at the moment two Endian running with maybe 15 RED IP:s on >> >> both >> >> >>> and can forward from whatever IP to whatever internal address I >> like. >> >> >>> >> >> >>> Please describe what you have done and we might be able to help >> you. >> >> >>> >> >> >>> >> >> >>> Kenneth >> >> >>>> Dear All, >> >> >>>> >> >> >>>> This has been discussed before - I have been using Endian for >> years >> >> and >> >> >>>> for >> >> >>>> the first time attempted to configure a red interface with >> multiple >> >> >>>> IPs. >> >> >>>> I >> >> >>>> have tried many configurations to get this to work both in >> version >> >> >>>> 2.4.1 >> >> >>>> and >> >> >>>> version 2.3. >> >> >>>> >> >> >>>> Would greatly appreciate any input on how to get ports forwarded >> >> from >> >> >>>> additional red IPs -- I can only get the primary red IP to >> forward >> >> any >> >> >>>> traffic. >> >> >>>> >> >> >>>> Thanks. >> >> >>> >> >> >>> >> >> >> ------------------------------------------------------------------------------ >> >> >>> The demand for IT networking professionals continues to grow, and >> the >> >> >>> demand for specialized networking skills is growing even more >> >> rapidly. >> >> >>> Take a complimentary Learning@Cisco Self-Assessment and learn >> >> >>> about Cisco certifications, training, and career opportunities. >> >> >>> http://p.sf.net/sfu/cisco-dev2dev >> >> >>> _______________________________________________ >> >> >>> Efw-user mailing list >> >> >>> Efw-user@lists.sourceforge.net >> >> >>> https://lists.sourceforge.net/lists/listinfo/efw-user >> >> >>> >> >> >>> >> >> > >> >> > >> >> > >> >> >> ------------------------------------------------------------------------------ >> >> > The demand for IT networking professionals continues to grow, and >> the >> >> > demand for specialized networking skills is growing even more >> rapidly. >> >> > Take a complimentary Learning@Cisco Self-Assessment and learn >> >> > about Cisco certifications, training, and career opportunities. >> >> > http://p.sf.net/sfu/cisco-dev2dev >> >> > _______________________________________________ >> >> > Efw-user mailing list >> >> > Efw-user@lists.sourceforge.net >> >> > https://lists.sourceforge.net/lists/listinfo/efw-user >> >> > >> >> > >> >> >> >> -- >> >> View this message in context: >> >> >> http://old.nabble.com/Port-forwarding-on-RED-multi-IP-tp32694429p32698079.html >> >> Sent from the efw-user mailing list archive at Nabble.com. >> >> >> >> >> >> >> >> >> ------------------------------------------------------------------------------ >> >> The demand for IT networking professionals continues to grow, and the >> >> demand for specialized networking skills is growing even more rapidly. >> >> Take a complimentary Learning@Cisco Self-Assessment and learn >> >> about Cisco certifications, training, and career opportunities. >> >> http://p.sf.net/sfu/cisco-dev2dev >> >> _______________________________________________ >> >> Efw-user mailing list >> >> Efw-user@lists.sourceforge.net >> >> https://lists.sourceforge.net/lists/listinfo/efw-user >> >> >> > >> > >> ------------------------------------------------------------------------------ >> > The demand for IT networking professionals continues to grow, and the >> > demand for specialized networking skills is growing even more rapidly. >> > Take a complimentary Learning@Cisco Self-Assessment and learn >> > about Cisco certifications, training, and career opportunities. >> > http://p.sf.net/sfu/cisco-dev2dev >> > _______________________________________________ >> > Efw-user mailing list >> > Efw-user@lists.sourceforge.net >> > https://lists.sourceforge.net/lists/listinfo/efw-user >> > >> > >> >> -- >> View this message in context: >> http://old.nabble.com/Port-forwarding-on-RED-multi-IP-tp32694429p32699609.html >> Sent from the efw-user mailing list archive at Nabble.com. >> >> >> >> ------------------------------------------------------------------------------ >> The demand for IT networking professionals continues to grow, and the >> demand for specialized networking skills is growing even more rapidly. >> Take a complimentary Learning@Cisco Self-Assessment and learn >> about Cisco certifications, training, and career opportunities. >> http://p.sf.net/sfu/cisco-dev2dev >> _______________________________________________ >> Efw-user mailing list >> Efw-user@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/efw-user >> > > ------------------------------------------------------------------------------ > The demand for IT networking professionals continues to grow, and the > demand for specialized networking skills is growing even more rapidly. > Take a complimentary Learning@Cisco Self-Assessment and learn > about Cisco certifications, training, and career opportunities. > http://p.sf.net/sfu/cisco-dev2dev > _______________________________________________ > Efw-user mailing list > Efw-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/efw-user > > -- View this message in context: http://old.nabble.com/Port-forwarding-on-RED-multi-IP-tp32694429p32699767.html Sent from the efw-user mailing list archive at Nabble.com. ------------------------------------------------------------------------------ The demand for IT networking professionals continues to grow, and the demand for specialized networking skills is growing even more rapidly. Take a complimentary Learning@Cisco Self-Assessment and learn about Cisco certifications, training, and career opportunities. http://p.sf.net/sfu/cisco-dev2dev _______________________________________________ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
