Charles Steinkuehler wrote:
>
> > > DCD: Special Second External Interface ???
> > >
> > > [1] Summary diagram:
> > >
> > > +-------------------+
> > > | |
> > > | Remote Vendor |
> > > | Private Network |
> > > | |
> > > +-------------------+
> > > Florida ^
> > > |
> > > Chicago v
> > > +-----------------------+
> > > | |
> > > | ISDN Router |
> > > | Auto Dial, NAT, &c. |
> > > | |
> > > +-----------------------+
> > > ^ 192.168.14.252
> > > |
> > > | 192.168.14.0/24
> > > |
> > > v 192.168.14.254
> > > +-------------------+
> > > | eth1 | +------------+
> > > | | T-1 | |
> > > | DCD wan1 |<----->| Internet |
> > > | | | |
> > > | eth0 | +------------+
> > > +-------------------+
> > > ^ 192.168.11.254
> > > |
> > > v
> > > +------------+
> > > | |<- 192.168.10.0/24
> > > | Internal |
> > > | Network |
> > > | |<- 192.168.11.0/24
> > > +------------+
> > > ^ ^
> > > | |
> > > | +- 192.168.12.0/24
> > > |
> > > +- 192.168.13.0/24
[ snip ]
> NOTE: You shouldn't have to add any input/output rules if you're using the
> default Dachstein firewall setup (or something quite similar). You're only
> prevented from spewing private IP's out the main external interface (ie wan1
> in your case)...otherwise, there's no output filtering. Also, on the input
> side, all packets are accepted from everything but the external interface.
> To make your ISDN work, you should only have to create forwarding rules,
> along with getting the proper routing setup.
>
> If you still have problems, a dump of the existing firewall rules would help
> more than the liminted portion provided above. Also, your routing and IP
> setup would be helpful (output of ip addr & ip route).
>
> In your previous e-mails, it's unclear how the far end of the ISDN link is
> configured (both IP addressing and routing). Remember, you need to make
> sure that *BOTH* ends agree on how to communicate (ie you might be sending
> packets down the ISDN link, but the far end is sending replies back via the
> internet).
OK, I have tried your suggestions -- without success.
Please, refer to <http://www.helices.org/tmP/mcaI/mcai_isdn.txt> for the
details that you have requested.
What do you think?
--
Best Regards,
mds
mds resource
888.250.3987
Dare to fix things before they break . . .
Our capacity for understanding is inversely proportional to how much we
think we know. The more I know, the more I know I don't know . . .
_______________________________________________________________
Have big pipes? SourceForge.net is looking for download mirrors. We supply
the hardware. You get the recognition. Email Us: [EMAIL PROTECTED]
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
