I am setting up one host to be on a static NAT address. My public
addresses start with 12.x.x.84 and I have added a secondary ip address
of
12.x.x.85. I set up the NAT using the .84 interface in the bindings
and
configured it to NAT 10.1.1.198 on the private network. The goal is
to
allow this machine's software to communicate with a vendor. I have
not
gotten enough information from the vendor(ADP) but it sounds like the
host
uses port 443 to talk their box.

When I load ping in the server I can see ping .84 but not .85. It
shows
in the list when I type in DISPLAY SECONDARY IPADDRESS. If I set TCP
IP
DEBUG=1 I can see ICMP being discarded due to filtering. I have
mostly
default filters with exceptions for GW Webaccess and communication to
port
443 from high ports and back.

The system is not working and I have tried some troubleshooting but am
not
sure I have the NAT part working. I do not want to shut off filtering
as
part of the testing. I was thinking about setting up an exception for
all
traffic to and from the one host at their end since I have the IP
address
but am a little reluctant since I worry about misconfiguring.


Any ideas or thoughts?

Thanks,
Bruce