Help with spoofed packet from myself

Barry_Foss · #1 (**permalink**) 06-12-2009, 08:46 PM

running 7.403 and recently just added my Business class cable modem so i have 13 ipaddresses, to the multipath uplink balancing feature and like it. So here is my problem i would test access to the vpn from a laptop plung into the router that was on the cable modem and i would test access as if i was outside the building. Now i can't connect to anything vpn or my webservers because in the packet filter it detects a spoofed address, which i had reseaved just one for a cheep dlink router plug into the cable modem but it is the same subnet since i only have one router on the modem so even though i don't use that address or have it setup on astaro.

I turned off the spoof check and all works, but i don't want to do that, I looked for a way to not check for spoof from one ipaddress, like you can add an execption in IPS and can't find.

So the question is how can i fix this ? i don;t think i can subnet my cable modem addresses since i only have the one gateway on the modem itself, thanks for any insight into this problem..

BarryG · #2 (**permalink**) 06-12-2009, 09:45 PM

Hi Barry, do you have spoof checking set to normal or strict?

Which IPs does it think are spoofed? on the WAN subnet or DMZ?

Barry G

Barry_Foss · #3 (**permalink**) 06-12-2009, 10:05 PM

spoof checking is normal

my dlink as a cable modem was side (a internet ip of x.x.x.26) which is trying to get to the WAN side of astaro on a t-1, ethier a vpn connection or a website, But i have a second interface with a ipaddress for cable modem of x.x.x.25 in the same subnet of the .26 and both gateways is .17.

So .26 is in packet filter trying to get to my net line which is a t-1

BarryG · #4 (**permalink**) 06-13-2009, 09:27 PM

You shouldn't have 2 interfaces on the same switch/network; I think that is the problem.

Barry