I desperately need some advice with regards setting up a Cyberguard SG565 Router.

I am with iiNet ADSL2+ using a Billion 7300 ADSL2+ Modem in bridging mode connected to the Cyberguard. The Cyberguard is set up with 1 WAN port and four ports set up as VLANS (only 2 being used at moment set up as 192.168.0.x & 192.168.1.x subnets). These VLANs are connected to a gigabit VLAN capable managed switch. The 192.168.0.x network has a few workstations on it along with 1 old G4 desktop server. The Cyberguard was set up with DNAT and port forwarding to pass traffic aimed at my default static IP (supplied by iiNet) to my server on the 192.168.0.x subnet and everything works fine as expected for all sites on that machine.

The trouble however is related to the other 192.168.1.x subnet. I have set up a rack full of XServe's which I am wanting to set up to replace my old single server. I got an additional block of 4 IP's from iiNet (2 usable), and set up the Cyberguard with IP Aliases and used I to 1 NAT to point these 2 additional addresses to 2 of the 6 XServes along with suitable port forwarding rules. Everything appeared to work okay. I could access the old server on the 192.168.0.x subnet using FQDN's set up with ZoneEdit's DNS servers and I could access the 2 XServes I'd set up on the 192.168.1.x subnet using both their internal and external Ip's. Everything looked fine so I went to Zone Edit and pointed 2 domains that I'd moved to one of the new XServe's to their external IP. Everything worked fine, I could open these sites in a browser from computers using 2 diffrent ISP's. I was happy and went to bed.

Next day I got email from iiNet saying my monthly quota was almost used up. I logged into their Toolbox and when I viewed my usage discovered that nearly 15 GB of traffic had been used over the last 18 hours. I got onto tech support who were great and eventually located where the problems laid. I could run anything on the 192.168.0.x without anything unusual. The moment however I turned on a machine on the 192.168.1.x subnet my usage jumped to over 400MB/hr. It didn't matter which XServe on that subnet was on, the moment I turned them off so nothing was running on that subnet usage went back to about 3MB/hr as usual.

I'm convinced the problem must lie with some setting I've either made or forgotten to made on the Cyberguard and I reallly need to get these new XServes public and move all my sites across but I need to find out what is causing this massive bandwidth jump first when I use machines on the 192.168.1.x subnet. Any help would be appreciated and if somebody's a network wiz I can email them a copy of my config to check over. It's really p****ing me off having a pile of XServes I can't turn on. By the way I connected one of the other XServes to the 192.168.0.x subnet without any problems so it is just a 192.168.1.x subnet problem. I've already been shaped for going over limit this month because of this problem.

Can't say I have ever setup that router.... although that usage sounds like the subnet is broadcasting and forwarding all its lan traffic out the wan port no matter what... of course you know and I know thats wrong.

Well it looks like I figured out the problem. It turns out when I set up the 192.168.1.x subnet I set up IP alias's, set up a named service for the port forwarding & then set up 1-1 NAT & applied the port forwarding rule I'd set up as a named service.

The trouble was that 1-1 NAT forwards all traffic to the destination machine with all ports open (like domestic routers might have for a DMZ to expose a game machine without having the firewall block any ports) where as by applying the Port Forwarding rules I had set things up to forward packets to the same destination IP but this time with all ports blocked except for those specified in the Named Service I'd set up earlier. In affect both rules were contradicting each other and some kind of loop effect must have been set up.

Solution was to disable the rules I set up for 1-1 NAT and just use DNAT for everything. I don't know if this is the best way to run things but at least everything appears to be working okay and my iiNet usage meter has still stayed low since altering my Cyberguard configuration.