I'm trying to set up my first DMZ on Bering 1.0. I downloaded the
Shorewall 3 Interface example and made the changes. I now have two 2-port
NICs in the firewall. I edited /etc/interfaces and added eth2 as
192.168.2.254. The result of ip addr is as follows:

# ip addr
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:03:47:08:40:1a brd ff:ff:ff:ff:ff:ff
inet 12.243.231.253/25 brd 255.255.255.255 scope global eth0
4: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:03:47:08:40:1b brd ff:ff:ff:ff:ff:ff
inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1
5: eth2: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:03:47:08:4a:d6 brd ff:ff:ff:ff:ff:ff
inet 192.168.2.254/24 brd 192.168.2.255 scope global eth2
6: eth3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 100
link/ether 00:03:47:08:4a:d7 brd ff:ff:ff:ff:ff:ff

So it appears to be set up. The problem is, I can't seem to communicate
with the host on 192.168.2.1. DHCP wasn't working, so I gave the host a
static address. (I did edit dhcpd.conf and the proper shorewall file to
add dhcp). SSH responds:

# ssh 192.168.2.1
ssh: connect to host 192.168.2.1 port 22: No route to host
# ip route
12.243.231.128/25 dev eth0 proto kernel scope link src 12.243.231.253
192.168.2.0/24 dev eth2 proto kernel scope link src 192.168.2.254
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.254
default via 12.243.231.129 dev eth0
# ping 192.168.2.254
PING 192.168.2.254 (192.168.2.254): 56 data bytes
64 bytes from 192.168.2.254: icmp_seq=0 ttl=255 time=0.8 ms
64 bytes from 192.168.2.254: icmp_seq=1 ttl=255 time=0.6 ms
# ping 192.168.2.1
PING 192.168.2.1 (192.168.2.1): 56 data bytes
--- 192.168.2.1 ping statistics ---
7 packets transmitted, 0 packets received, 100% packet loss

The box at 192.168.2.1 was previously on the 192.168.1 network and
responded to ping, ssh, vnc, etc.

Any hints? Need any more details?

--
Sean E. Covel
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html