Three-legged firewall woes
This is a discussion on Three-legged firewall woes within the comp.unix.bsd.openbsd.misc forums, part of the OpenBSD category; --> I have a machine with the familiar three-legged firewall setup. sis0 is connected to a DSL router (Cisco 678). ...
| |||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-16-2008, 07:02 AM
| ||||
| ||||
 Three-legged firewall woes I have a machine with the familiar three-legged firewall setup. sis0 is connected to a DSL router (Cisco 678). It has the public IP (1.2.3.4). sis1 is connected to a hub to which the client machines connect. Its IP is 192.168.0.1. The machines connect to and through it with no problem. They have IP addresses of 192.168.0.2 . . . and have their default gateway set as 192.168.0.1. I have a nat rule for them, etc. sis2 is connected to my server. Its IP is 192.168.1.1. The server's is 192.168.1.2 with default gateway of 192.168.1.1. I I cannot, for love or money, connect to the server. Both ping and SSH just hang. I know the firewall ruleset isn't a problem because I changed it to "pass all" (temporarily) and had similar problems. Interestingly, 192.168.1.2 does come up in "route show." Any suggestions/ideas?      |
|
02-16-2008, 07:03 AM
| |||
| |||
| Re: Three-legged firewall woes sealinux@gmail.com wrote: .... > I cannot, for love or money, connect to the server. Both ping and SSH > just hang. .... > Any suggestions/ideas? Ensure your server has a route back to the 192.168.0.0 network? |
|
02-16-2008, 07:03 AM
| |||
| |||
| Re: Three-legged firewall woes The server, or the firewall? Here's the output of netstat -rn (note 1.2.3.4 is static IP assigned by ISP, 1.2.3.1 is default gateway): Routing tables Internet: Destination Gateway Flags Refs Use Mtu Interface default 1.2.3.1 UGS 8 139896 - sis0 1.2.3/24 link#1 UC 2 0 - sis0 1.2.3.1 0:5:5f:7b:f4:8c UHLc 1 0 - sis0 1.2.3.4 0:2:e3:5:60:66 UHLc 0 17 - lo0 127/8 127.0.0.1 UGRS 0 0 33224 lo0 127.0.0.1 127.0.0.1 UH 1 492 33224 lo0 192.168.0/24 link#2 UC 3 0 - sis1 192.168.0.1 0:2:e3:16:92:a9 UHLc 0 2 - lo0 192.168.0.3 0:3:47:40:a:e5 UHLc 0 13663 - sis1 192.168.0.105 0:11:24:7d:32:3c UHLc 1 141 - sis1 192.168.1/24 link#3 UC 2 0 - sis2 192.168.1.1 0:2:e3:1f:5:a6 UHLc 0 97 - lo0 192.168.1.2 0:10:4b:34:4a:aa UHLc 0 186 - sis2 224/4 127.0.0.1 URS 0 0 33224 lo0 Does this help? How do I add the route? I know "route add," but how would it work in this case? |
|
02-16-2008, 07:03 AM
| ||||
| ||||
| Re: Three-legged firewall woes sealinux@gmail.com wrote: > How do I set up routing between the two interfaces??? sysctl net.inet.ip.forwarding=1 (/etc/sysctl.conf) |
 |
« Does OpenBSD understand the __thread variable declaration ?
|
LDAP user account without local account »
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT. The time now is 10:45 PM.
