Vigor 2952
Firmware: 3.8.4.1

WAN2 IP Alias (Multi NAT)

There seems to be a reliability issue with IP Alias (Multi NAT).

I have a range of IP addresses and want to user them to access different servers and protocols behind the firewall.

I think the issue is with the NAT (Open Ports set up), as there is nothing in the syslog from the firewall.

I have tried every combination of Open Ports, DMZ, and Port redirection. When the router decides to throw a wobbly nothing works. Leave it a while and then it will allow access as expected.

Wan 1 IP address = n.n.n.34
Wan 2 IP address = n.n.n.35
Wan 2 IP Alias:
1. - Enabled - n.n.n.35
2. - Enabled - n.n.n.36
3. - Enabled - n.n.n.37

NAT - Open Ports
1. Server 1 - WAN2 (n.n.n.35) TCP: 443 -> 192.168.0.10
2. Server 2 - WAN2 (n.n.n.36) TCP: 443, 25 -> 192.168.0.20
3. Server 3 - WAN2 (n.n.n.36) TCP: 22 -> 192.168.0.30
4. Server 4 - WAN2 (n.n.n.37) TCP: 443,903 -> 192.168.0.40


FireWall - Default Data Filter

1. xNetBios -> DNS. LAN/DMZ/RT/VPN -> WAN, Src IP: Any, Dst IP Any, TCP/UDP, Port: from 137~139 to 53, Block Immediately
2. Open Server 1. WAN -> LAN/DMZ/RT/VPN, Src IP: Any, Dst IP 192.168.0.10, Service Type: TCP 443, Pass Immediately

< Note: i have tried with no firewall rules and just open ports. This worked for a while then stopped. >

2. Open Server 2. WAN -> LAN/DMZ/RT/VPN, Src IP: Any, Dst IP 192.168.0.20, Service Type: TCP 443, 25, Pass Immediately
2. Open Server 3. WAN -> LAN/DMZ/RT/VPN, Src IP: Any, Dst IP 192.168.0.30, Service Type: TCP 22, Pass Immediately
2. Open Server 4. WAN -> LAN/DMZ/RT/VPN, Src IP: Any, Dst IP 192.168.0.40, Service Type: TCP 443, 903, Pass Immediately

I am now stuck as I cannot get any combination to work. No traffic passes to any of the internal servers via the Alias WAN2 IP (n.n.n.36 or n.n.n.37) address. Traffic will pass as expected via The WAN1 (n.n.n.34) and WAN2 (n.n.n.35) external IP's.

I have looked at all the examples of how to configure IP Alias (Multi NAT) and followed the instruction verbatim (except IP addresses) and still does not work.

Please help
Thanks

Anything to do with this ? http://www.draytek.co.uk/support/guides/kb-forwarding-tcp443

Hi, thankyou for the reply. Unfortunatley not I have set the management port to 444.

The propblem is not specific to port 443 a I can;'t any traffic through the router on any IP Alias (Multi NAT)

On 28th June 20187, After some time and a quite a bit of email communications drytek have responded:

"We have replicated the issue and are currently consulting with our Next Level Support team on this. I will provide you with an update soon."

So finger crossed a fix "soon"!