[leaf-user] RE: can't ping dmz <-> loc

Wed, 17 Dec 2003 10:21:23 -0800 

Hi Again

>>Hello Group
>>
>>I have some problems in my connection to and from
DMZ
>>and LOC
>>all other than LOC <-> DMZ works
>>I'm using shorewall 1.4.8 with the three interfaces
>>config examples
>>not only "ping" but also ssh can't connect
>>I imagine it's a small detail i missed
>>but hell i can't find it,
>
>The ping failures you report, namely --
>
>>ping dmz -> loc         failure "network
unreachable"
>>ping dmz <- loc         failure "ctrl+c 100% loss"
>
>-- usually indicate a problem with tsome routing
table. But since you 
>didn't include a listing of either routing table ("ip
route show" for 
>the
>LEAF router; who knows for the DMZ host) in the "some
stuff" you 
>provided, 
>that's only a guess.

192.168.1.0/24 dev eth1  proto kernel  scope link  src
192.168.1.254 
192.168.10.0/24 dev eth2  proto kernel  scope link 
src 192.168.10.100 
128.142.112.0/20 dev eth0  proto kernel  scope link 
src 128.142.121.254 
default via 128.142.112.1 dev eth0

>If I read this "stuff" right, you changed the network
numbering of your 
>DMZ 
>in /etc/network/interfaces away from the detault. But
perhaps you did 
>not 
>change the corresponding entries in
/etc/network.conf?

i don't have a /etc/network.conf ??
this is the default /etc/interfaces,
as i understand, i can't have dmz on same network
as the loc
here it is 192.168.1.x for both the dmz and loc ??

auto eth1
iface eth1 inet static
        address 192.168.1.254
        masklen 24
        broadcast 192.168.1.255
auto eth2
iface eth2 inet static
        address 192.168.1.100
        masklen 24
        broadcast 192.168.1.255


>Finally, you *might* have a configuration problem on
the DMZ host you 
>are 
>testing from.

if i can ping dmz<->fw<->loc but not dmz<->loc, then
my dmz host net config is ok, right ??

Regards
Lasse

Yahoo! Mail (http://dk.mail.yahoo.com) - Gratis: 6 MB lagerplads, spamfilter og 
virusscan


-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Reply via email to