I have an application that sends HTTP request packets to a Microsoft loopback adapter on 172.31.1.1 (not 127.0.0.1); the response is then sent out via the main interface on 172.31.1.2. The application is actually an external load balancer doing low-level MAC rewriting and needing the answering machine to accept the IP address of 172.31.1.1.
This works perfectly until I turn on the Windows firewall. I've configured both the loopback and external interface to accept connections on port 80 and can connect and get responses from both ports on the command line. I found and used the Microsoft netsh tool to turn on logging for the firewall and found that the response packets are being dropped on their way back out to the calling IP. So the loopback is still receiving them and IIS is dealing with them and sending them out through the external interface. The firewall is then dropping them, I assume for spoofing.
The message in the firewall log is
DROP TCP 172.31.1.1 126.96.36.199 80 dest etc
So I think the firewall is dropping the outbound packets because they are pretending to originate from the loopback IP but coming from the external interface.
My question is: how do I set the firewall to allow outbound packets on the external interface but from the IP of the loopback? The critical thing is that I can't add the loopback IP to the external interface because I need it to not respond to ARP requests while the main IP should respond to ARP requests. The only way I know of to do this is to have them on different interfaces.
Thanks in advance
-- PrintWhatYouThink - Slogan tshirts for the individual
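As an added example (not part of the post above), here is a small parser for the Windows firewall log (pfirewall.log) that isolates the case the poster spotted by eye: outbound DROP entries whose source is the loopback address rather than the interface's own address. It assumes the standard `#Fields:` header layout, and the sample log lines and the remote addresses in them are constructed.

```python
from dataclasses import dataclass
from typing import Iterable, Iterator, List

# Constructed sample of a Windows Firewall log (pfirewall.log, W3C-style).
# The "path" column is SEND for outbound and RECEIVE for inbound packets.
# Remote addresses are placeholders, not taken from any real system.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2012-05-01 10:00:01 ALLOW TCP 203.0.113.10 172.31.1.1 51234 80 0 - 0 0 0 - - - RECEIVE
2012-05-01 10:00:01 DROP TCP 172.31.1.1 203.0.113.10 80 51234 0 - 0 0 0 - - - SEND
2012-05-01 10:00:02 ALLOW TCP 172.31.1.2 203.0.113.11 80 51300 0 - 0 0 0 - - - SEND
2012-05-01 10:00:03 DROP UDP 172.31.1.2 203.0.113.12 137 137 0 - - - - - - - SEND
"""

@dataclass
class FirewallEvent:
    date: str
    time: str
    action: str
    protocol: str
    src_ip: str
    dst_ip: str
    src_port: str
    dst_port: str
    path: str

def parse_log(text: str) -> Iterator[FirewallEvent]:
    """Yield one event per data line, taking column positions from the #Fields: header."""
    fields: List[str] = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#"):
            continue
        cols = line.split()
        if len(cols) != len(fields):
            continue  # malformed or truncated line: skip rather than mis-assign columns
        row = dict(zip(fields, cols))
        yield FirewallEvent(row["date"], row["time"], row["action"], row["protocol"],
                            row["src-ip"], row["dst-ip"], row["src-port"], row["dst-port"], row["path"])

def dropped_replies_from(events: Iterable[FirewallEvent], local_ip: str, port: str = "80") -> List[FirewallEvent]:
    """Outbound DROPs sourced from local_ip:port, i.e. server replies the firewall refused to send."""
    return [e for e in events
            if e.action == "DROP" and e.path == "SEND" and e.src_ip == local_ip and e.src_port == port]

if __name__ == "__main__":
    for ev in dropped_replies_from(parse_log(SAMPLE_LOG), "172.31.1.1"):
        print(f"{ev.date} {ev.time}: reply to {ev.dst_ip}:{ev.dst_port} dropped on the way out")
```

Pointing `parse_log` at the real log (by default `%systemroot%\system32\LogFiles\Firewall\pfirewall.log`) and filtering on the loopback address shows at a glance whether only the replies sourced from that address are being dropped while traffic from the external interface's own address passes.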