-----Original Message-----
From: DPG [mailto:[EMAIL PROTECTED]]
Sent: Saturday, September 15, 2001 4:01 PM
To: Lonnie Cumberland
Subject: RE: [Leaf-user] Proxy-ARP Script Problems
Lonnie,
I got one working back in June, with some difficulty. Once it's up, it just
runs, so hang in there...
Scripts alone won't completely solve your problem. Are you sure you have
your DMZ subnet pared-down correctly? Have you masked your DMZ address
range as tightly as you can, and excluded the remainder with DMZ_EXT_ADDRESS
statements? This was tricky thing for me, and I couldn't figure out how to
do it with Charles spoonfeeding the answer to me. I now understand the
magic, but I would not have figured it out without his help.
Hope this helps:
1. www.gilleece.net/lrp/netconf.txt is my network.conf
2. www.gilleece.net/lrp/diagram.txt is a diagram of the network configured
3. www.gilleece.net/lrp/etc.zip is the entire etc.lrp file from a working
boot disk
4. www.casano.com/lrp/proxy_arp.html has a great cookbook for putting this
together.
5. Look through GeoCrawler, and find my conversations with Charles around
mid-June. He gives a great explanation of creating the little phony
"mini-subnet" you need for your DMZ.
Also, MAKE SURE you have all ARP caches cleared when you try it. I'd
recommend this method to save your sanity:
1. Power down EVERYTHING in your control.
2. Power the firewall up first, then the hosts behind it.
3. For systems with a command for manually flushing the ARP cache, do it.
4. Grab your beverage of choice, and wait for an hour (perhaps more) for
your ISP's gateway to "get it" --- and don't underestimate how long that
might take. That one system is out of your control, but critical to making
this thing fly.
I thought I was going to lose my sanity getting it all together --- but once
it was in place, it was zero effort.
Good luck,
Dan
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Lonnie
Cumberland
Sent: Saturday, September 15, 2001 1:20 PM
To: [EMAIL PROTECTED]
Subject: [Leaf-user] Proxy-ARP Script Problems
Hello All,
I have been trying for a long time now to get the Proxy-ARP set up
but I cannot seem to get the scripts to work.
In every case, I can easily configure eth0 to talk to the outside
world, but then I cannot talk to the DMZ
I have been using the EigerStein LRP and in the past have had not
troubles setting up the Masquerading firewall.
I havebeen trying to set up:
With gate (146.9.31.1)
INTERNET
|
| 146.9.31.19
-----
|LRP|
-----
| 146.9.31.19
| (DMZ)
|
---------- 146.9.31.x -----
| | |
Server Server ... Server
(38) (18) N
Could some one please send me some scripts that they have which are
working?
I cannot seem to find the problem with mine.
Sincerely,
Lonnie
--
Lonnie Cumberland
OutStep Technologies Incorporated
TEL:(313) 832-7366
URL: http://www.outstep.com
EMAIL: [EMAIL PROTECTED]
: [EMAIL PROTECTED]
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
