Did you read the pf suggestions via pppoe(4) ? AT&T tends to use pppoe(4).. -- Todd Fries .. [EMAIL PROTECTED]
_____________________________________________ | \ 1.636.410.0632 (voice) | Free Daemon Consulting, LLC \ 1.405.227.9094 (voice) | http://FreeDaemonConsulting.com \ 1.866.792.3418 (FAX) | "..in support of free software solutions." \ 250797 (FWD) | \ \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ 37E7 D3EB 74D0 8D66 A68D B866 0326 204E 3F42 004A http://todd.fries.net/pgp.txt Penned by Parvinder Bhasin on 20080909 9:59.02, we have: > I am having hard time with issue that some of the DSL (ATT) are having > issues connecting to website behind my openbsd firewall. Now if I > switched it back to cisco asa , access works flawlessly. > > Everyone including those on DSL(ATT) are able to access the website > (with cisco) but as soon as I put my Openbsd firewall website access to > SOME DSL (ATT) users stops working. > > I troubleshooted the problem to be related to "scrubbing (normalization > of packets)". > So I tried couple of options in scrubbing rules: and got couple of > people experiencing the problem to work but there are few still > complaining that they can't access the site. I have tried this from > multiple different connections. Even with Verizon EVDO internet access , > people can't access the site. Its reallly weired and I have been pulling > my hair on this. I don't really want to put other firewall in. > > I would like to know what other people who are running openbsd as > firewall are using for scrubbing. > > Here is what I used first time: > > scrub in all > > and then changed to > > scrub in all no-df > scrub out all no-df > > and got few of DSL users to see the site but then others still can't. > Verizon users can't either. > > Any thoughts/help highly appreciated. I dont' want to go BALD :) > > Thanks
