Hi, You were right it had to do my topology. The firewall is working correctly now.
Thanks again for all you help On Thu, Mar 26, 2009 at 8:07 PM, Eric Magutu <emag...@gmail.com> wrote: > Hi Micheal, > I was trying to simulate the conditions of the server on a test machine. > I'm pretty sure now I didn't take into account all the network aspects, > silly mistake :-) Its probably my routing. I will check on my routes > tomorrow and get back to you. > I think there is only one active interface though. > > > On Thu, Mar 26, 2009 at 7:33 PM, Michael K. Smith - Adhost < > mksm...@adhost.com> wrote: > >> Hello Eric: >> >> >> Hi everyone, >> >> Can you provide a little more information about your topology? Right now, >> you only have one interface defined in your rules, but you are attempting to >> pass traffic between two subnets. That would suggest you have two >> interfaces and, if so, both need to be accounted for in your rules below. >> You'll have to have pass/block rules for both. It looks like this: >> >> 172.16.0.0/16 -> le0 <firewall> -> (some other interface) -> 10.0.0.0 >> >> Could you tell me if that is correct? >> >> Thanks, >> >> Mike >> >> ----- Original Message Snipped ----- >> Thanks for all your input so far. I have tried to implement all you >> suggestions but have gotten stuck. I set up a test machine in the office >> with the ip 10.0.0.110 and encountered the following problems: >> >> when I enables antispoofing the firewall didn't work >> >> when I tried allowing the 10.0.0.0 subnet it worked ok but when i tried >> connecting from machines on the 172.16 subnet I was unable to connect. >> >> Can you please let me know what I'm doing wrong? >> ---------------------------------------- >> > > > > -- > Regards, > Eric Magutu > > -- Regards, Eric Magutu _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"