Thanks for the reply IC1igo. I can't test it until Monday when I get
back in the office; I will surely let you know then.
don..
On Jun 6, 2010, at 7:10 AM, IC1igo Ortiz de Urbina <tarom...@gmail.com>
wrote:
Did this fix the issue?
---------- Forwarded message ----------
From: Devin Reade <g...@gno.org>
Date: Sat, Jun 5, 2010 at 4:38 AM
Subject: Re: No SSH on External Interfaces After pf.conf Rewrite for
Load Balancing Outgoing Traffic
To: Misc OpenBSD <misc@openbsd.org>
dontek <don...@gmail.com> wrote:
In rewriting the ruleset I've
had no problems with connectivity with the exception of getting an
SSH
connection to the firewall to work on either of the two external
interfaces.
[...]
pass log quick on $EXT_IF_1 inet proto tcp from any to ($EXT_IF_1)
port ssh keep state
pass log quick on $EXT_IF_2 inet proto tcp from any to ($EXT_IF_2)
port ssh keep state
Use reply-to for your ssh rules:
pass log quick on $EXT_IF_1 inet proto tcp from any to ($EXT_IF_1)
port ssh keep state reply-to ($EXT_IF_1 $EXT_GATE_1)
(And for the 2nd one, too)
Devin
