Secondary IP Range causing IP Spoofing Errors
Posted on 2010-11-29
I have a sonicwall 2040 PRO, OS ENHANCED 4.0 and I recently switched my internet service to Embarq. Unlike my old provider my primary WAN IP and my additional IPs are on different subnets/ranges.
XXX.XX.227.238 255.255.255.252 is the Primary
and XXX.XX.165.120 / 29 on 255.255.255.248 is the secondary.
I have the Primary working find on X2 (I still have my old ISP on X1)
I setup an ARP entry for the secondary at XXX.XX.165.121 in X2 published
I have an address object for XXX.XX.165.120, WAN, Network, 255.255.255.248 and a Route for
ANY to that Address Object, Service ANY, Gateway 0.0.0.0, Interface X2
and I have setup an Access Rule from there to my private Ip for my webserver.
When I hit the XXX.XX.165.121 the request times out and there is an error in the log that the:
IP spoof dropped XXX.XX.160.132, 45424, X2 XXX.XX.165.121, 8, X2 MAC address XXX
in a packet capture it shows: X2*(i) -- XXX.XX.160.132 XXX.XX.165.121 IP TCP 47569,80 DROPPED 78
Any suggestions? I have never had two different subnets and ranges before from the ISP.