I have an question regarding having 3 different public's IP - with different portforward pr ip
I should have port 80/443 open on each public IP towards 3 differnet subnets. + the ISP have added 2 Extra IP's
But the normal portforward from before adding the extra IP's are still working - But I cannot make the rules on the "new" IP's work.
The 1. public IP - is used for user network internal --> this IP is added from ISP DHCP server
The 2. public IP - is used for their mail system --> This IP is static addad from ISP
The 3. public ip - is used for the Webservers --> This IP is static addad from ISP
How do I difference on which IP should flow to - The Masquerade part is up and running, the 3 different subnets have a seperate public Ip
Notmally I create the rules etc in winbox - so cannot make the line for creating the rule
But created under firewall - NAT
chain=dst-nat destination-address=Public IP 2 protocol=tcp destination-port=80 in-interface=WAN
action=dst-nat to-address=172.16.200.2 to-port=80
But with this I cannot see any trafic through the rule.
I see one rules created for the extra IP
The addresses are added manuelly under address list - to the WAN interface - but only created route for one of the IP - should this autocreated be delketed - and the add them manually ???
Code: Select all
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m # DST-ADDRESS PREF-SRC GATEWAY DISTANCE 0 ADS 0.0.0.0/0 22.214.171.124 1 1 ADC 126.96.36.199/30 188.8.131.52 WAN 0 2 ADC 172.16.100.0/24 172.16.100.1 DMZ 0 3 ADC 172.16.200.0/29 172.16.200.1 WEB-DMZ 0 4 ADC 192.168.201.0/24 192.168.201.1 LAN-Bridge 0 5 ADC 184.108.40.206/28 220.127.116.11 WAN 0
And the last thing I'm struggling with is - I'm able to ping the first public IP - not number 2 or 3 - but my guess it have something to do with the routing.
But What I do not get - is when the machine in the WEB-DMZ resolves to the 99 public IP
So what am I missing here
Code: Select all
root@fws-vm02:/home/pbj# dig +short myip.opendns.com @resolver1.opendns.com 18.104.22.168
Thanks in advance