• February 24, 2025, 11:54:27 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: Problem setting up multiple wan ip  (Read 5925 times)

HSideback

  • Level 1 Member
  • *
  • Posts: 2
Problem setting up multiple wan ip
« on: October 02, 2009, 03:59:01 AM »
Hi there,

I'm using a DFl-210 and I have 5 public IP addresses on the same network. I'd like to use one of them as the fw adress (wan_ip) and I'd like to use the others for NATing services in the DMZ (which uses a private IP range.

Everythig worked fine for the first IP address, even when using it for NAT.

However, I can't get my head around how to set up the remaining 4. Here's what I've done:
- set up wan_ip[2-5] in the address book (wan_ip, wannet, etc alreday defined and working)
- created routing rules for wan_ip[2-5] core, wan_ip[2-5], metric:0 (with ProxyARP for all networks)
- created an ALLOW rule for lan interface to allow all services to wan_ip2

--> In this step I can ping wan_ip2 from the lan network, just as expected.

However, I can't get a SAT rule to work. However I write it, it seems the packet is never forwarded, always picked up by the firewall.

What am I missing?

BR
/Henrik
Logged

Fatman

  • Level 9 Member
  • ****
  • Posts: 1675
Re: Problem setting up multiple wan ip
« Reply #1 on: October 02, 2009, 08:31:21 AM »
You don't need proxy ARP on your route.

You do however need to add a ARP publish for your additional WAN IPs.

What do you mean when you pay picked up by the firewall, you wouldn't be trying to forward a service that this device is configured for remote management on would you?

There is an option under the advanced settings of remote management called "HTTP before rules" which is enabled by default if it is on then you will not be able to make a rule that effects HTTP into the firewall.

The secret is to change your HTTP and HTTPS ports to something else on that advances settings page for remote managment.
Logged
non progredi est regredi

HSideback

  • Level 1 Member
  • *
  • Posts: 2
Re: Problem setting up multiple wan ip
« Reply #2 on: October 02, 2009, 09:10:28 AM »
Hello, and thanks for your prompt feedback!

1) How do I publish the ARP for my additional WAN IP (I'm don't have access to the device at the moment)?

2) When I say 'picked up by the firewall' I mean that when I ping, the reply time is < 1 ms, even when I forward ICMP ECHO to e.g. google.

3) OK, so I should not use the standard HTTPS port for remote admini? I can change that, no problem. I just don't think that's the core issue here (as far as I can understand, which admittedly is not very far...)

BR
/Henrik
Logged

Fatman

  • Level 9 Member
  • ****
  • Posts: 1675
Re: Problem setting up multiple wan ip
« Reply #3 on: October 02, 2009, 10:23:51 AM »
Under Interfaces->ARP add a Publish entry, on the WAN Interface with your new IP.

Ensure that your port forward is the first rule that applies to that traffic, for your pings you may already have a rule above your SAT rule.

that advice was based on the presumption that you were trying to forward HTTP and getting the login page for the DFL instead of your server.  It does not sound like that is the issue.  That said it is never a bad idea to move to a less known port.
Logged
non progredi est regredi