[pfSense Support] R: [pfSense Support] Publishing over 2 WAN connections
As I wrote: OPT1: 192.168.0.200/24, so this is not the lan interface, but the OPT1... -Messaggio originale- Da: sai [mailto:[EMAIL PROTECTED] Inviato: martedì 8 maggio 2007 10.43 A: support@pfsense.com Oggetto: Re: [pfSense Support] Publishing over 2 WAN connections 172.16.0.2:80 - 192.168.0.200:80 - 192.168.0.36:4196 SYN_SENT:ESTABLISHED. This is a connection from your LAN not from OPT. sai On 5/8/07, Quirino Santilli [EMAIL PROTECTED] wrote: Hi All, I'm dealing again with the task of publishing my servers' services over two different internet connections (in conjuncion with load balancing outgoing traffic over the same internet connections). Now I'll give you more detailed informations. My firewall is a pc with pfsense upgraded at the latest version available (pfSense-Full-Update-1.2-BETA-1-TESTING-SNAPSHOT-05-02-07). It has three interfaces Lan, Wan and Opt1: LAN: 172.16.0.1/24 WAN: 217.x.x.202/27 - with gw 217.x.x.193 OPT1: 192.168.0.200/24 - with gw 192.168.0.1 In my internal network I have a web server with the ip address 172.16.0.2. I NAT'ed the port 80 using Port Forward on both WAN and OPT1 using the address of the internal web server (172.16.0.2). The strange thing is that if i try to access my web server from the WAN ip address, everything works correctly and I can browse my web pages, but if i try to browse the web server using the OPT1 address, both using telnet on port 80 and internet explorer, the connection times out. The content of the firewall states related to this problem is: 172.16.0.2:80 - 192.168.0.200:80 - 192.168.0.36:4196 SYN_SENT:ESTABLISHED. Furthermore, even if I explicitly deny the ICMP traffic on the OPT1 interface, it replies to ping requests. All the described problems doesn't happen if I remove the gateway from the OPT1's interface configuration (but this is needed for policy routing in multi wan environments) Can you help me? Regards r3N0oV4 P.S.: This is the second post of my question because no one answered to me. There's something wrong in it? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Publishing over 2 WAN connections
Hi All, I'm dealing again with the task of publishing my servers' services over two different internet connections (in conjuncion with load balancing outgoing traffic over the same internet connections). Now I'll give you more detailed informations. My firewall is a pc with pfsense upgraded at the latest version available (pfSense-Full-Update-1.2-BETA-1-TESTING-SNAPSHOT-05-02-07). It has three interfaces Lan, Wan and Opt1: LAN: 172.16.0.1/24 WAN: 217.x.x.202/27 - with gw 217.x.x.193 OPT1: 192.168.0.200/24 - with gw 192.168.0.1 In my internal network I have a web server with the ip address 172.16.0.2. I NAT'ed the port 80 using Port Forward on both WAN and OPT1 using the address of the internal web server (172.16.0.2). The strange thing is that if i try to access my web server from the WAN ip address, everything works correctly and I can browse my web pages, but if i try to browse the web server using the OPT1 address, both using telnet on port 80 and internet explorer, the connection times out. The content of the firewall states related to this problem is: 172.16.0.2:80 - 192.168.0.200:80 - 192.168.0.36:4196 SYN_SENT:ESTABLISHED. Furthermore, even if I explicitly deny the ICMP traffic on the OPT1 interface, it replies to ping requests. All the described problems doesn't happen if I remove the gateway from the OPT1's interface configuration (but this is needed for policy routing in multi wan environments) Can you help me? Regards r3N0oV4 P.S.: This is the second post of my question because no one answered to me. There's something wrong in it?
Re: [pfSense Support] Publishing over 2 WAN connections
172.16.0.2:80 - 192.168.0.200:80 - 192.168.0.36:4196 SYN_SENT:ESTABLISHED. This is a connection from your LAN not from OPT. sai On 5/8/07, Quirino Santilli [EMAIL PROTECTED] wrote: Hi All, I'm dealing again with the task of publishing my servers' services over two different internet connections (in conjuncion with load balancing outgoing traffic over the same internet connections). Now I'll give you more detailed informations. My firewall is a pc with pfsense upgraded at the latest version available (pfSense-Full-Update-1.2-BETA-1-TESTING-SNAPSHOT-05-02-07). It has three interfaces Lan, Wan and Opt1: LAN: 172.16.0.1/24 WAN: 217.x.x.202/27 – with gw 217.x.x.193 OPT1: 192.168.0.200/24 – with gw 192.168.0.1 In my internal network I have a web server with the ip address 172.16.0.2. I NAT'ed the port 80 using Port Forward on both WAN and OPT1 using the address of the internal web server (172.16.0.2). The strange thing is that if i try to access my web server from the WAN ip address, everything works correctly and I can browse my web pages, but if i try to browse the web server using the OPT1 address, both using telnet on port 80 and internet explorer, the connection times out. The content of the firewall states related to this problem is: 172.16.0.2:80 - 192.168.0.200:80 - 192.168.0.36:4196 SYN_SENT:ESTABLISHED. Furthermore, even if I explicitly deny the ICMP traffic on the OPT1 interface, it replies to ping requests. All the described problems doesn't happen if I remove the gateway from the OPT1's interface configuration (but this is needed for policy routing in multi wan environments) Can you help me? Regards r3N0oV4 P.S.: This is the second post of my question because no one answered to me. There's something wrong in it? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Publishing over 2 WAN connections
Hi All, I'm dealing again with the task of publishing my servers' services over two different internet connections (in conjuncion with load balancing outgoing traffic over the same internet connections). Now I'll give you more detailed informations. My firewall is a pc with pfsense upgraded at the latest version available (pfSense-Full-Update-1.2-BETA-1-TESTING-SNAPSHOT-05-02-07). It has three interfaces Lan, Wan and Opt1: LAN: 172.16.0.1/24 WAN: 217.x.x.202/27 - with gw 217.x.x.193 OPT1: 192.168.0.200/24 - with gw 192.168.0.1 In my internal network I have a web server with the ip address 172.16.0.2. I NAT'ed the port 80 using Port Forward on both WAN and OPT1 using the address of the internal web server (172.16.0.2). The strange thing is that if i try to access my web server from the WAN ip address, everything works correctly and I can browse my web pages, but if i try to browse the web server using the OPT1 address, both using telnet on port 80 and internet explorer, the connection times out. The content of the firewall states related to this problem is: 172.16.0.2:80 - 192.168.0.200:80 - 192.168.0.36:4196 SYN_SENT:ESTABLISHED. Furthermore, even if I explicitly deny the ICMP traffic on the OPT1 interface, it replies to ping requests. All the described problems doesn't happen if I remove the gateway from the OPT1's interface configuration (but this is needed for policy routing in multi wan environments) Can you help me? Regards r3N0oV4
Re: [pfSense Support] Publishing over 2 WAN Connections
You mean that you can access the web site using one IP address, but not the other IP address? Or are you using the domain name? What does the states page show about the connections that are made/attempted? sai On 5/2/07, Quirino Santilli [EMAIL PROTECTED] wrote: Hello, I was trying to publish a web server over both my 2 wan connections, but only one is working properly. It's important to say that I already created a balancer pool that seems to work correctly. I also tried to change the gateway in the allow rules, but nothing changed. Is there something I missed? Regards r3N0oV4 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] R: [pfSense Support] Publishing over 2 WAN Connections
My Firewall states underline the fact that the connection between the client and the web server remains pending. I already encountered a similar situation, and the problem was related with the web server which was not using the publishing firewall as the default gateway. Now the default gateway is right but I really don't know what to change in the firewall configuration to make the web server's answer packets come backup through the same public interface... Regards r3n0ov4 -Messaggio originale- Da: sai [mailto:[EMAIL PROTECTED] Inviato: giovedì 3 maggio 2007 10.41 A: support@pfsense.com Oggetto: Re: [pfSense Support] Publishing over 2 WAN Connections You mean that you can access the web site using one IP address, but not the other IP address? Or are you using the domain name? What does the states page show about the connections that are made/attempted? sai On 5/2/07, Quirino Santilli [EMAIL PROTECTED] wrote: Hello, I was trying to publish a web server over both my 2 wan connections, but only one is working properly. It's important to say that I already created a balancer pool that seems to work correctly. I also tried to change the gateway in the allow rules, but nothing changed. Is there something I missed? Regards r3N0oV4 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Publishing over 2 WAN Connections
Hello, I was trying to publish a web server over both my 2 wan connections, but only one is working properly. It's important to say that I already created a balancer pool that seems to work correctly. I also tried to change the gateway in the allow rules, but nothing changed. Is there something I missed? Regards r3N0oV4
