So I have two public IP addresses on a class C and my default route goes out on that subnet as well.

So I have XXX.XXX.XXX.41 and XXX.XXX.XXX.42 and the default route has 0.0.0.0/0 with pref-src of XXX.XXX.XXX.41 and gateway of XXX.XXX.XXX.1 distance=1

Traffic routes out with no issues. What I'm trying to do is when traffic comes back in on XXX.XXX.XXX.42, it drops. If I change the pref-src to XXX.XXX.XXX.42, it starts flowing.

Am I goofing something up in NAT? When the pref-src is matching the interface I have the port forwards on and filter chain I use, it works great. But I need to be able to have XXX.XXX.XXX.41 with it's own setup of port forwards and filters...

Thanks in advance!

use check gateway arp to make this work. in nat, don't use out interface.

use check gateway arp to make this work. in nat, don't use out interface.

so I don't masquerade the 3 outside interfaces?