You can not access the public IP address of the same IP pool. You have this 100.2.2.8/25 on your WAN interface. Check this 100.2.2.9:53 from outside your network. From inside, you can not use this (100.2.2.9:53) address to query your DNS. Use the internal network address of the DNS server.
On Thu, Jan 6, 2011 at 10:58 AM, Pandu Poluan <pa...@poluan.info> wrote: > Hello again! > > I think I'm having trouble with VIP. > > The scenario is this (IP addresses obfuscated): > + WAN address is 100.2.2.8/25 > + LAN address is 192.168.1.1/24 > + I create a VIP, CARP, 100.2.2.9/25 > > Now, I tried to make a NAT: > + 100.2.2.9:53 forwards to 192.168.1.20:53 > + A firewall rule is automatically created > > However, all attempts to contact the DNS Server via 100.2.2.9:53 fail. > > If I try ping-ing an external IP address from the DNS Server > (192.168.1.20), it works. > > Where did I go wrong? > > -- > Pandu E Poluan > -- Regards Abdulrehman
