hi. sorry for the late reply ... been busy. When I first started this "project" I read while doing research that it is not a good idea to use eth0:1 using iptables ... but after you wrote the below I did some more RTFm and came to the conclusion there is not anything wrong doing this when done right. So I made a new chain name and directed all traffic with the IP address through that chain letting only mail (inc ssl etc) traffic pass - thanks its working now. Jobst On Mon, Aug 19, 2013 at 11:34:37PM -0500, Les Mikesell (lesmikesell at gmail.com) wrote: > On Mon, Aug 19, 2013 at 10:41 PM, Jobst Schmalenbach > <jobst at barrett.com.au> wrote: > > > > Hi > > > > I have two different IP addresses (in a block of /29), one is on port 0 and the other is on port 2 of a Ciso 888. > > I am doing this so I can have two different certs with two different ip addresses. > > > > I have tried: > > > > 1) one machine, two real interfaces, two cables (eth0 and eth2) > > 2) one machine, one real interface eth0 and one virtual interface eth0:1, one network cable > > > > > > Using number 2) > > I can ping the two different ip addresses, no problem. The only problem here is that iptables does not work (I cannot create rules for eth0:1 - and yes I know about the security implications). > > Why do you need different rules for eth0:1? Can't you specify the IP addresses? > > -- > Les Mikesell > lesmikesell at gmail.com > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos -- My Carpenter has a 1956 VW Beetle. He still can go to any place in Australia, use any Oil, spark plugs, pertol, tires, wiper blades, etc available today with a car that old. If only software would be like that. | |0| | Jobst Schmalenbach, jobst at barrett.com.au, General Manager | | |0| Barrett Consulting Group P/L & The Meditation Room P/L |0|0|0| +61 3 9532 7677, POBox 277, Caulfield South, 3162, Australia