Ok here is what I have
WAN interface
Allow anything to connect to vip address on port 25
Allow anything to connect to internal /24 on port 25
LAN Interface
Allow anything to connect to internal/24 on port 25
Surely that covers it off?
Lee
Bill Marquette wrote:
NAT occurs before filtering. You need a rule on the WAN interface
allowing connections to the physical server IPs.
--Bill
On 11/10/05, Lee Hetherington <[EMAIL PROTECTED]> wrote:
I have. On the wan interface, im allowing anything to connect to the vip
85.116.30.1 address on port 25
Do I need any others?
Scott Ullrich wrote:
Perhaps you need firewall rules!?
On 11/10/05, Lee Hetherington <[EMAIL PROTECTED]> wrote:
0.92 Latest
For some reason left is master for the carp of the smtp and right is
master of the carp for the external (routing)...
On the machine which is the inbound carp I have:
DENIED:
Aug 13 16:12:12 WAN 81.174.235.11.34623 85.116.30.1.25 TCP
On the machine which is the smtp carp I have:
DENIED:
Nov 10 16:20:48 WAN 81.174.235.11.34683 192.168.7.1.25 TCP
Looks like one of them has the wrong date too :)
Scott Ullrich wrote:
1. What version
2. What do you see in the firewall filter logs regarding these connections
On 11/10/05, Lee Hetherington <[EMAIL PROTECTED]> wrote:
Ok,
I have left and right pfsense boxes. On my opt1 interface I have a carp
setup: 85.116.x.1/27 is the network im using. My internal network is
then 192.168.x.0/24
I have 85.116.x.1 assigned as the virtual
I have 85.116.x.2 on left
85.116.x.3 on right
I want to load balance 85.116.x.1 inbound on port 25 to a pool i have
setup which contains:
192.168.x.1
192.168.x.4
The left and right also have
192.168.x.254 as virtual
192.168.x.252 on left
192.168.x.253 on right
I have a firewall rule which allows * to connect on port 25 to the carp
address which is 85.116.x.1
The tcp connection just times out. At one point it was in the log
saying "bad gateway 85.116.x.1"
Other than this, its exactly as described in the IncomingLoadBalancing
example on the wiki.
Lee
Scott Ullrich wrote:
Many people have followed these and they work. You'll need to provide
more information of how its all setup and what doesn't work.
On 11/10/05, Lee Hetherington <[EMAIL PROTECTED]> wrote:
Hi Scott,
I followed those exactly. And yet I still have no Joy :(
Can anyone suggest anything which I may need to tick or the such which
may prevent this from working?
Regards
Lee
Scott Ullrich wrote:
Try visiting these docs:
http://wiki.pfsense.com/wikka.php?wakka=OutgoingLoadBalancing
http://wiki.pfsense.com/wikka.php?wakka=IncomingLoadBalancing
Scott
On 11/10/05, Lee Hetherington <[EMAIL PROTECTED]> wrote:
Hi,
Im new to pfsense and have two machines running 0.92 both with 2x Dual
Port 100+ Intel Management adaptors. I cannot for the life of me get
load balancing working. Here is how I have them setup:
left.pfsense
fxp1 Lan
fxp2 Cross Over cable to right.pfsense for sync
fxp3 DMZ Servers
fxp4 WAN
right.pfsense
fxp1 Lan
fxp2 Cross Over cable to right.pfsense for sync
fxp3 DMZ Servers
fxp4 WAN
On my internal lan and wan I have carp's setup with virtual ip's. I wish
to use one of my virtual ip's to load balance mail to 2 servers on my
internal lan. I have it all setup as per on the wiki but I cannot get
anything through to the mailservers on the internal lan. I have a
firewall rule which allows * to connect to the virtual ip on port 25.
Any ideas? please help.
Lee
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
____________________________________________________________________
This e-mail has been scanned for viruses by Mailsauce. For further
information visit http://www.mailsauce.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
____________________________________________________________________
This e-mail has been scanned for viruses by Mailsauce. For further
information visit http://www.mailsauce.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
____________________________________________________________________
This e-mail has been scanned for viruses by Mailsauce. For further
information visit http://www.mailsauce.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
____________________________________________________________________
This e-mail has been scanned for viruses by Mailsauce. For further
information visit http://www.mailsauce.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
____________________________________________________________________
This e-mail has been scanned for viruses by Mailsauce. For further
information visit http://www.mailsauce.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]