On 13 Dec 2001, at 18:06, Michael Zhao wrote: > Hi , > > My former network structuer is as following : > > outside > | > fw > | > Cisco switches > | > | > | > WSs SRVs > > I want add another net segments to my net. I insert two NIC interfaces > on my windows nt server 4.0 system ( sp 6a). One NIC connect to switches > via the normal cable , and another one connect to a HUB where connected > by some clients. I am sure I did the correct multihomed configuration . > I test the routing using ping . I can ping the new clients from the old > internal machines but can not do it vice versa. But I can ping both > sides between fw and new clients . > > What can I do ? Could anybody give help ? > Thanks > > Michael
You probably haven't given us enough information[*]. However.... > I test the routing using ping. I can ping the new clients from the > old internal machines but can not do it vice versa. Ping and successful response requires correct packet flow in both directions. So if A can ping B, there cannot be a routing or cabling problem preventing B from pinging A. The only times that I have seen thie kind of asymmetric pingability that you report is when some sort of filtering/firewalling has intervened, typically preventing certain ICMP packet types from flowing in a specific direction. On many hubs, there is an "uplink" port which is actually just a cross-over wired alternate connector for the adjacent regular port. Strange things can happen if you have machines plugged into both connectors. (In your case, you should not have anything plugged into the uplink port, which is for cascading multiple hubs....) [*] > I am sure I did the correct multihomed configuration. Not to pick on you personally, but I see an *awful* lot of questions from people whose networks aren't working, who will make a point of saying that they are *sure* the configuration is correct (even though it isn't working...) but don't supply the configuration so that those whom they hope will help can *verify* that it is/looks correct. David Gillett _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
