Content translations are temporarily unavailable due to site maintenance. We apologize for any inconvenience.
03-24-2018 01:25 AM - edited 03-24-2018 07:09 PM
Dear all,
I've 2 internet lines connected to 2 different ISP: ISP-1 and ISP-2. Default route to internet is the connection to ISP-2
I just bought 1 more public IP range from ISP-1 that belong to a different subnet with my current ISP-1 public IP range.
Now I want to NAT my server using an IP in the new public IP range, but server cannot connect to internet. I've checked logs and see no problem (NAT is successfull, securitiy rules is allowed).
I've no problem if I NAT using current old public IP range. So is there any configuration I have to do before using the new IP range for NAT?
03-26-2018 10:39 PM
Thank you all for your help,
'Cause the default route is connection to ISP-2 so I've to create a pbf rule redict it to ISP-1. And found out that my pbf rule configuration missed Next hop IP ( I thought that only Egress interface is enough).
Problem has been solved now 🙂
03-24-2018 04:17 PM
Do you have only default gateway in your virtual router or have also configured policy based forwarding policies?
03-24-2018 06:46 PM
Thank you Raido for your reply.
I use pbf also, because by default traffics from my server go outside via ISP-2 so I created a pbf rule redirect traffic to ISP-1.
I also add an IP in the new IP range to ISP-1 interface.
I've no ploblem when NAT using the old IP range, but when using the new IP range, connection failed.
03-25-2018 01:43 PM
If you traceroute and look at the associated session, can you see it egressing on the ISP1 interface, with the SNAT address of your new IP?
If so, I think it sounds like the Internet does not have a route back to your new IP. Either your ISP will need to advertise this on your behalf, or you are using BGP. If the latter, have you added the new IP into your export statements for BGP and can you confirm it is being advertised (you can see this from the BGP RIP under network > routers)?
Cheers,
Shannon
03-26-2018 01:52 AM
id you add the IP to your ISP-1 external interface?
you'll want to do that to ensure NAT and routing are using the appropriate interface to send packets out of and perform proxy arp
03-26-2018 10:39 PM
Thank you all for your help,
'Cause the default route is connection to ISP-2 so I've to create a pbf rule redict it to ISP-1. And found out that my pbf rule configuration missed Next hop IP ( I thought that only Egress interface is enough).
Problem has been solved now 🙂
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
