Firewall/NAT

I use WAN / LAN (DMZ not activated). I have few issues with no logic..  LAN is 10.1.1.0 network. No DHCP.

When I start any of my 3 Win2K webservers (example 10.1.1.13) I get IP collision. In the log I can read the collision is with Monowall LAN interface mac address.  Same problems if I change IP, to any! I get allways collision with Monowall, but no of those IPs are used.

The trick is to disconnect LAN cable, start webserver, connect the cable. No collisions, but.. I can't connect till Ms SQL from one Webserver to another, on LAN. I works some time for a short while, like once, than, I get error. Both servern respong on ping and as far I can see all other stuff is working fine. Web sites on both are running fine.

I'm sure this has something with the IP collisions to do, something is not right. I tried the setting "Bypass firewall rules for traffic on the same interface", no differance. Tried different switch, restating all machines, etc. Help!

The setup was working OK on an earlier pfSense FW bu t I had FTP issues and now upgraded FW hardware with Monowall instead.

I use WAN / LAN (DMZ not activated). I have few issues with no logic..  LAN is 10.1.1.0 network. No DHCP.

When I start any of my 3 Win2K webservers (example 10.1.1.13) I get IP collision. In the log I can read the collision is with Monowall LAN interface mac address.  Same problems if I change IP, to any! I get allways collision with Monowall, but no of those IPs are used.

The trick is to disconnect LAN cable, start webserver, connect the cable. No collisions, but.. I can't connect till Ms SQL from one Webserver to another, on LAN. I works some time for a short while, like once, than, I get error. Both servern respong on ping and as far I can see all other stuff is working fine. Web sites on both are running fine.

I'm sure this has something with the IP collisions to do, something is not right. I tried the setting "Bypass firewall rules for traffic on the same interface", no differance. Tried different switch, restating all machines, etc. Help!

The setup was working OK on an earlier pfSense FW bu t I had FTP issues and now upgraded FW hardware with Monowall instead.

Are we talking about a *lot* or collisions of just a few? Collisions are not as bad as you think, it just means one device was talking at the same time as another. If your Win2K servers have heavy traffic, collisions are bound to happen a lot. I think you referring to something beyond the control of m0n0wall as a simple network with 2 computers can cause collisions during data exchange.

Plot out a network diagram here to give us a better idea of what you are referring to.

Sorry I was not clear. The traffic is low, I have 2 Linux servers (mail and dns) and 3 web servers (2 x Win2K and NT). The LAN network is 10.1.1.1-254. 254 is the FW, I use also 11, 12, 13, 22 and 31. No other IPs. The subnet is 255.255.255.0

The problem is that as soon I restart any of my webservers I get error "Your IP is already in use on the network, the lan interface was disabled." In the log I can see that it was FW lan mac address coused collision. The IP I used are 100% free, I checked with many differen IPs, always same problem. No logic here.

Maybe there are some hiddens settings in the Monowall, error or bug?  I use latest version 1.3b18.  I understand that teh problem could also be on my network... but why was it working with pfSense and not now ? No other changes ware made.

Reg. the SQL problem:

"DRIVER=SQL Server;SERVER=sql2.intermax.se;UID=***;PWD=***;DATABASE=***;"

Microsoft OLE DB Provider for ODBC Drivers error '80004005'
[Microsoft][ODBC SQL Server Driver][DBNETLIB]SQL Server does not exist or access denied.

Some time it woks for few minutes... Of couse the server exist. I run on the other server applications using SQL, no problem.  Both web servers are on teh same network,  has connection, I can browse the network. I'm sure this has something to do with the IP error and change of my FW. The FW is teh only thing changed, and all seems to be OK before.

Sorry I was not clear. The traffic is low, I have 2 Linux servers (mail and dns) and 3 web servers (2 x Win2K and NT). The LAN network is 10.1.1.1-254. 254 is the FW, I use also 11, 12, 13, 22 and 31. No other IPs. The subnet is 255.255.255.0

The problem is that as soon I restart any of my webservers I get error "Your IP is already in use on the network, the lan interface was disabled." In the log I can see that it was FW lan mac address coused collision. The IP I used are 100% free, I checked with many differen IPs, always same problem. No logic here.

This problem needs to be resolved first. I wasn't clear on if you manually assign your IP to the computers or if you use DHCP to assign them? It's possible you have a problem where a manually assigned machine is being lumped in with a DHCP machine assigned the same address.

Maybe there are some hiddens settings in the Monowall, error or bug?  I use latest version 1.3b18.  I understand that teh problem could also be on my network... but why was it working with pfSense and not now ? No other changes ware made.

Reg. the SQL problem:

"DRIVER=SQL Server;SERVER=sql2.intermax.se;UID=***;PWD=***;DATABASE=***;"

Microsoft OLE DB Provider for ODBC Drivers error '80004005'
[Microsoft][ODBC SQL Server Driver][DBNETLIB]SQL Server does not exist or access denied.

Some time it woks for few minutes... Of couse the server exist. I run on the other server applications using SQL, no problem.  Both web servers are on teh same network,  has connection, I can browse the network. I'm sure this has something to do with the IP error and change of my FW. The FW is teh only thing changed, and all seems to be OK before.

Let's work through the first problem first as it will cause all of the problems mentioned (two machines fighting over the same IP address)

No DHCP on this net. The IP are free, but i get vonflict anyway. Always with NIC from teh Monowall. Independet what IP i try.

I just noticed that I can't access server 2 from server 1 on the network, so it is not only SQL... some general error. I can ping all servers, but no network browsing.

I login to teh FW, resaved teh rulle on LAN, LAN -> all, all ports. It helped fro one minute! I could browser teh network, but suddenly I lost connection again. Server have always connection with the FW but loose connection with each other on LAN.

Spookie... Really crazy, and I'm sure it has to do with the Monowall FW, I had never problem like this on teh old pfSense.

I did try to solve this by my self but I can't. Is there anybody who is really good and can help me, I pay of course if my problems wil be solved. Please

I suggest you post your configuration here.

Steve.

Are you running a Dumb switch or a Managed/ Smart switch on the network?
It might seem unimportant but I've experienced switches (they're not smart, just have a nice little LCD that shows concurrent bandwidth usage) that don't like certain subnet addresses.

Also, try unplugging the monowall router from the switch and test if the servers can connect to each other first to eliminate any possible problems with the software configuration.

I run dumb switch, yes. I tried two different, same problem. As soon I disconect teh FW there is no IP conflicts.So the problems is in the FW, hardware or software, don't know.

I did a temporary sollution, added another NIC to two of the webservers and confugures secondary net 10.1.0.x just to be able to connect betwean those two. Works perfect. I have still to disconnect the LAN from the FW to be able to restart any of servers... The problem is the Monowall, or teh FW hardware...