CPUG

The Check Point User Group

A Resource For The Check Point Community.  Fast.  Useful.  Independent.

#1
2007-05-29
munrog
EdgeX and ARPs

Hi Folks,
I'm having problems with an Edge ADSL box and ARP. Basically I have two public IP addresses. One is on the external, the other on the DMZ port, and an RFC1918 on the LAN port. My problem is that I have an IPSEC tunnel endpoint on the DMZ, but I cannot seem to communicate with it. If I sniff the traffic I see that the ISP's equipment is issuing an ARP who-has for the IPSEC tunnel device, but the Edge box is not responding. I've tried specific rules allowing the traffic through to the device, I've tried setting it up as an IPSEC VPN server and I've tried making it an "exposed host". None of these seems to resolve the issue of no response to the ARP. Is there a way to tell the Edge box to act as a proxy ARP?

Or should it be that the ISP shouldn't be issuing an ARP who-has? This is PPPoATM not PPPoE...

Ta in advance
Greg

Last edited by munrog; 2007-05-29 at 09:48.
#2
2007-05-29
dsb.nepo
Re: EdgeX and ARPs

If you have only 2 public IPs, ask the provider to create a static route to the second public IP.
If possible, talk directly to the technical staff (most can solve your problem while you are on the phone with them).
#3
2007-05-29
munrog
Re: EdgeX and ARPs

Sorry, I meant I have two public IP address RANGES. One for the Internet side and one for the DMZ side. Basically, with a sniffer I am seeing "ARP who-has" requests on the WAN side for the IP address of the host on the DMZ, but I am not seeing any "ARP reply". I do not see any corresponding packets on the DMZ interface whatsoever.
#4
2007-05-29
dsb.nepo
Re: EdgeX and ARPs

I only know that the Edge does ARP if you have configured NAT between a public and a private IP.
But the routing works with IP ranges too.

For example:
first public range is 192.168.1.0/28 (Edge is 192.168.1.2)
second range is 192.168.1.16/28 (DMZ network with public IP)

The provider can create a route like this at his site: 192.168.1.16/28 gw 192.168.1.2.

Since the Edge knows the route from the topo to the 192.168.1.16/28 network, the traffic will flow to the DMZ interface.
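The difference the static route from post #4 makes, as an added Python illustration that is not part of the thread: it computes which address the ISP router sends "ARP who-has" for when forwarding to a DMZ host, before and after the route exists. Assumptions: the DMZ host 192.168.1.18 is constructed, the "before" table models the ISP treating both ranges as directly connected, and the Edge answers ARP only for its own WAN address.

```python
import ipaddress

def arp_target(routes, dst):
    """IP the router sends 'ARP who-has' for when forwarding to dst.

    routes: (prefix, next_hop) pairs; next_hop None = directly connected,
    so the router ARPs for dst itself. Longest prefix wins; None = no route.
    """
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, next_hop in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    if best is None:
        return None
    return dst if best[1] is None else best[1]

def gets_reply(routes, dst, wan_responders):
    """True if some device on the WAN segment answers that ARP request."""
    return arp_target(routes, dst) in wan_responders

EDGE_WAN = "192.168.1.2"        # Edge address from post #4
DMZ_HOST = "192.168.1.18"       # constructed host inside 192.168.1.16/28
WAN_RESPONDERS = {EDGE_WAN}     # assumption: Edge answers only for its own IP

# Assumption: before the change the ISP router treats both ranges as on-link.
ISP_BEFORE = [("192.168.1.0/27", None)]
# After: the static route suggested in post #4.
ISP_AFTER = [("192.168.1.0/28", None), ("192.168.1.16/28", EDGE_WAN)]

def report():
    """(ARP target, answered?) for the DMZ host under each routing table."""
    return {name: (arp_target(r, DMZ_HOST), gets_reply(r, DMZ_HOST, WAN_RESPONDERS))
            for name, r in (("before", ISP_BEFORE), ("after", ISP_AFTER))}

if __name__ == "__main__":
    for name, (target, answered) in report().items():
        print(f"{name}: ARP who-has {target} -> reply: {answered}")
```

With the route in place the ISP router resolves the Edge's own address instead of the DMZ host, so no proxy ARP is needed on the Edge.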