?
Solved

Watchguard firewall setup XTM25

Posted on 2013-01-24
2
Medium Priority
?
721 Views
Last Modified: 2013-02-01
Taking a different approach here. I was recently assigned a bank of 6 static IP addresses in which I want to 1) set up an email server on which has squirrelmail, ispconfig, postfix, etc. 2) set up a static IP for each of my webservers. I need multiple services for each server, such as email server which has https, http, smtp, pop. SSL ports (465/995) for POP and SMTP, and for the webservers http, and SSH. On the static IP's I have 216.xxx.xxx.160 /29 and use .161 for the gateway, and .162 for the WAN interface, leaving 163-166. I can ping out using this setup, but cannot get in. I assumed I could just do a 1-to-1 NAT and not have any issues, but I cannot access anything when trying from an external network. Any ideals? What am I leaving out?
0
Comment
Question by:ITmanage
2 Comments
 
LVL 17

Accepted Solution

by:
TimotiSt earned 1500 total points
ID: 38815264
You could use proxy-ARP on the WAN interface, so it'll reply for the public IPs.
Not sure how exactly to set that up on Watchguard, though...
See page 55:
http://www.watchguard.com/help/docs/v741WFSConfigurationGuide.pdf


Tamas
0
 

Author Comment

by:ITmanage
ID: 38815359
So far all I'm seeing is that I will have to change it to "drop-in" mode to use proxy-arp
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting to know the threat landscape in which DDoS has evolved, and making the right choice to get ourselves geared up to defend against  DDoS attacks effectively. Get the necessary preparation works done and focus on Doing the First Things Right.
Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question