That makes sense.
Thanks for your advices.
--
Cordialement,
Pierre BARDOU
-Message d'origine-
De : Stuart Henderson
Envoyé : mercredi 11 juillet 2018 23:24
À : misc@openbsd.org
Objet : Re: Weird routing problem on simple CARP setup
On 2018-07-11, Tom Smyth wrote:
> H
On 2018-07-11, Tom Smyth wrote:
> Hi Pierre,
>
> with VRRP on other vendors the IP on the Virtual interface
> is recommended to be a /32,
>
>
> afaik
> it prevents ambiguity when it comes to your connected routes
> do you route a packet out the carp interface which as an ip on the configured
> /24
--Message d'origine-
> De : Stefan Sperling
> Envoyé : mardi 3 juillet 2018 13:33
> À : BARDOU Pierre
> Cc : misc@openbsd.org
> Objet : Re: Weird routing problem on simple CARP setup
>
> On Wed, Jun 27, 2018 at 09:30:16AM +, BARDOU Pierre wrote:
>> He
e physical interface.
I upgraded to 6.3 and it also works.
Thank you for your help
--
Cordialement,
Pierre BARDOU
-Message d'origine-
De : Stefan Sperling
Envoyé : mardi 3 juillet 2018 13:33
À : BARDOU Pierre
Cc : misc@openbsd.org
Objet : Re: Weird routing problem on simple CARP setup
On Wed, Jun 27, 2018 at 09:30:16AM +, BARDOU Pierre wrote:
> Hello,
>
> I have a strange problem with OpenBSD 6.2, which looks like a bug.
> Steps to reproduce :
>
> * sh /etc/netstart -> everything works. Routing table :
> root@fw-t-wan-chut01:~ # netstat -rnf inet
Hello,
I have a strange problem with OpenBSD 6.2, which looks like a bug.
Steps to reproduce :
* sh /etc/netstart -> everything works. Routing table :
root@fw-t-wan-chut01:~ # netstat -rnf inet
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Op 27-9-2017 om 11:20 schreef Markus Rosjat:
> Hi there, > > I have a small problem getting a wordpress instance, that works
with ips in the url, to work from the internal net. > > So here ist the
setup > > a webserver for some application behind a
hi,
Am 27.09.2017 um 15:59 schrieb x9p:
I am supposing its Apache because you did not said so.
no it's of course a httpd from OpenBSD
You are right, httpd. my bad. I am used to Linux world.
the problem here is the for internal traffic to somehow rewirite the
url to a internal ip wit
>> I am supposing its Apache because you did not said so.
>>
>
> no it's of course a httpd from OpenBSD
>
You are right, httpd. my bad. I am used to Linux world.
> the problem here is the for internal traffic to somehow rewirite the
> url to a internal ip with some lines in the server part of
Hi,
Am 27.09.2017 um 13:33 schrieb x9p:
Hi there,
Hi
I have a small problem getting a wordpress instance, that works with ips
in the url, to work from the internal net.
So here ist the setup
a webserver for some application behind a Openbsd Firewall (webbserver
is openBSD 6.0) I have a st
> Hi there,
Hi
>
> I have a small problem getting a wordpress instance, that works with ips
> in the url, to work from the internal net.
>
> So here ist the setup
>
> a webserver for some application behind a Openbsd Firewall (webbserver
> is openBSD 6.0) I have a static ip for my external nic an
Hi there,
I have a small problem getting a wordpress instance, that works with ips
in the url, to work from the internal net.
So here ist the setup
a webserver for some application behind a Openbsd Firewall (webbserver
is openBSD 6.0) I have a static ip for my external nic and the wordpress
Hetzner routes additional subnets through a specified mac address on robots
page. ( Some cases you need to open a trouble ticket )
Also, all related information is provided there.
Cheers,
2017-07-25 10:26 GMT-03:00 Stuart Henderson :
> On 2017-07-20, Mike Larkin wrote:
> > On Thu, Jul 20, 2017
On 2017-07-20, Mike Larkin wrote:
> On Thu, Jul 20, 2017 at 02:19:29PM +0200, Leo Unglaub wrote:
>> Hey,
>>
>> On 07/20/17 13:05, Mischa Peters wrote:
>> > Can you ask them how they route the separate subnet to you?
>>
>> as far as i understand it they route the subnet on my main ip address.
>>
On Thu, Jul 20, 2017 at 02:19:29PM +0200, Leo Unglaub wrote:
> Hey,
>
> On 07/20/17 13:05, Mischa Peters wrote:
> > Can you ask them how they route the separate subnet to you?
>
> as far as i understand it they route the subnet on my main ip address.
>
>
> From there documentation:
> > Newly as
> What would be the difference to your version where i use vether instead of
> an alias? Or did i missunderstand you?
>
The difference is broadcast trafic won't be sent over your provider network.
Hey,
On 07/20/17 09:46, Denis Fondras wrote:
Can you people see something that i might missed?
The easy way would be enable forwarding, add a vether(4) on the host, bridge it
with tap0 and configure it with an IP in the 136.243.186.160/29 subnet. Use that
IP as the gateway in your VMs.
i did
Hey,
On 07/20/17 13:05, Mischa Peters wrote:
Can you ask them how they route the separate subnet to you?
as far as i understand it they route the subnet on my main ip address.
From there documentation:
Newly assigned IPv4 subnets are statically routed on the main IP address of the
server,
Hi Leo,
Can you ask them how they route the separate subnet to you?
Mischa
> On 20 Jul 2017, at 12:59, Leo Unglaub wrote:
>
> Hey,
>
>> On 07/20/17 06:25, Mike Larkin wrote:
>> sysctl net.inet.ip.forwarding=1 ?
>> I'm not a networking expert but I think your VM's subnet mask is wrong for
>> t
Hey,
On 07/20/17 06:25, Mike Larkin wrote:
sysctl net.inet.ip.forwarding=1 ?
I'm not a networking expert but I think your VM's subnet mask is wrong for
the gateway you are trying to use.
thank you for your response. I tryed it with net.inet.ip.forwarding
being 1 and 0. Both don't work. About
Hello,
> Can you people see something that i might missed?
The easy way would be enable forwarding, add a vether(4) on the host, bridge it
with tap0 and configure it with an IP in the 136.243.186.160/29 subnet. Use that
IP as the gateway in your VMs.
Hi List,
Hetzner has like other dedicated hosting providers an "crazy" looking
network setup for ipv4. Here point to point for the default gw in a
different network segment.
So it's important also to keep that in mind.
Maybe this document helps a bit, need to adapt to Openbsd.
https://wiki.hetz
On Thu, Jul 20, 2017 at 04:23:40AM +0200, Leo Unglaub wrote:
> Hey friends,
> i am trying out vmd and I have a little problem getting networking going
> inside the guest machine. I am not sure if this is a problem in vmd or
> simply my misconfiguration.
>
> From my datacenter i got the following d
Hey friends,
i am trying out vmd and I have a little problem getting networking going
inside the guest machine. I am not sure if this is a problem in vmd or
simply my misconfiguration.
From my datacenter i got the following data:
Main Server (OpenBSD GENERIC.MP#99 amd64)
#
On 2012-05-02 21:56:39 -0300, Leonardo M. Rami wrote:
> On 2012-05-02 23:27:44 +0200, Claudio Jeker wrote:
> > On Wed, May 02, 2012 at 03:26:20PM -0300, Leonardo M. Rami wrote:
> > > Hi, I've posted this to ServerFault.com, and I got an answer, but the
> > > solution works only in part.
> > >
> >
On 2012-05-02 23:27:44 +0200, Claudio Jeker wrote:
> On Wed, May 02, 2012 at 03:26:20PM -0300, Leonardo M. Rami wrote:
> > Hi, I've posted this to ServerFault.com, and I got an answer, but the
> > solution works only in part.
> >
> > This is my /etc/pf.conf
> >
> > set skip on lo
> > pass in log
On Wed, May 02, 2012 at 03:26:20PM -0300, Leonardo M. Rami wrote:
> Hi, I've posted this to ServerFault.com, and I got an answer, but the
> solution works only in part.
>
> This is my /etc/pf.conf
>
> set skip on lo
> pass in log on em0 proto tcp from any to any port 104 rdr-to 192.65.214.131
> p
Hi, I've posted this to ServerFault.com, and I got an answer, but the
solution works only in part.
This is my /etc/pf.conf
set skip on lo
pass in log on em0 proto tcp from any to any port 104 rdr-to 192.65.214.131
pass out on vic0 from em0:network to any nat-to vic0
I have two nics:
vic0 19
On Wed, 28 Sep 2011 15:42:05 +0400, pavel pocheptsov
wrote:
> 28 QP5P=QQP1QQ 2011, 15:28 P>Q "Wesley M."
:
>> The VPN is between a fictif ip address(gives by the_green_bow) to
>> 10.100.1.0/24
>>
>> Using VPN, i can ping 10.100.1.250 and use also ssh on the box but
pings
>> doesn't work for
28 QP5P=QQP1QQ 2011, 15:28 P>Q "Wesley M." :
> The VPN is between a fictif ip address(gives by the_green_bow) to
> 10.100.1.0/24
>
> Using VPN, i can ping 10.100.1.250 and use also ssh on the box but pings
> doesn't work for : 10.100.1.100, and 10.100.1.254.
>
> On the OpenBSD SIDE : ipsec.
On 2011-09-28, Wesley M. wrote:
>> Fixes: 1) fix the default gateway on the TS Server machine, add a custom
>> route for whatever that "private network" thingie is.
>
> I can't change the gateway, because the others locations (there are 4)
> won't connect on TS.
You could add a custom static rout
On 2011-09-28, Nick Holland wrote:
> On 09/28/11 03:13, Wesley M. wrote:
>> Hi,
>>
>> I have at work:
>> TS Server : 10.100.1.100 his gateway is 10.100.1.254 (router for private
>> network)
>
> bzzt. Bad.
> (I'm guessing that's a windows terminal server)
>
>> Firewall : 10.100.1.250 (OpenBSD 4
The VPN is between a fictif ip address(gives by the_green_bow) to
10.100.1.0/24
Using VPN, i can ping 10.100.1.250 and use also ssh on the box but pings
doesn't work for : 10.100.1.100, and 10.100.1.254.
On the OpenBSD SIDE : ipsec.conf
ike dynamic from 10.100.1.0/24 to any \
main auth
On Wed, 28 Sep 2011 06:49:59 -0400, Nick Holland
wrote:
> On 09/28/11 03:13, Wesley M. wrote:
>> Hi,
>>
>> I have at work:
>> TS Server : 10.100.1.100 his gateway is 10.100.1.254 (router for
private
>> network)
>
> bzzt. Bad.
> (I'm guessing that's a windows terminal server)
Yes, it is (RDS,
what settings on client/home side?
B ipconfig /all, route print..etc
28 QP5P=QQP1QQ 2011, 11:18 P>Q "Wesley M." :
Hi,
I have at work:
TS Server : 10.100.1.100 his gateway is 10.100.1.254 (router for private
network)
Firewall : 10.100.1.250 (OpenBSD 4.9, ADSL : sis0, Lan (10.100.
On 09/28/11 03:13, Wesley M. wrote:
> Hi,
>
> I have at work:
> TS Server : 10.100.1.100 his gateway is 10.100.1.254 (router for private
> network)
bzzt. Bad.
(I'm guessing that's a windows terminal server)
> Firewall : 10.100.1.250 (OpenBSD 4.9, ADSL : sis0, Lan (10.100.1.0/24)
> :sis2
>
>
Hi,
I have at work:
TS Server : 10.100.1.100 his gateway is 10.100.1.254 (router for private
network)
Firewall : 10.100.1.250 (OpenBSD 4.9, ADSL : sis0, Lan (10.100.1.0/24)
:sis2
On the firewall, i can ping 10.100.1.100 and telnet 10.100.1.100 3389 ->
OK
When i am at home, i connect to firewa
IPsec flows take priority over all standard routing table entries,
it sounds like you need a bypass flow for the protocol carp traffic
if you don't want it to match your IPsec flow.
On 2011-07-28, Axel Rau wrote:
> Hi all,
>
> I have a routing firewall, which is also a ipsec client like this:
>
Am 28.07.2011 um 13:23 schrieb Axel Rau:
> all CARP traffic from its carp2) go to enc0, like this:
What may cause IPv4 CARP traffic to not go out on its parent device but on
enc0 instead?
IPv6 CARP and other CARP devises behave as expected.
Axel
---
PGP-Key:29E99DD6 b +49 151 2300 9283 b comp
Am 28.07.2011 um 16:06 schrieb Gregory Edigarov:
> let me guess
> I think you just need to allow traffic on enc0
>
> set skip on enc0
No, its not that easy. (-;
I block carp multicast messages on enc0 and just showed that.
A tcpdump on enc0 would have shown the same.
The problem is that those
On Thu, 28 Jul 2011 13:23:02 +0200
Axel Rau wrote:
> Hi all,
>
> I have a routing firewall, which is also a ipsec client like this:
>
>ppp uplink (IPv4)
> |
>dc3|pppoe0
> +++
>
Hi all,
I have a routing firewall, which is also a ipsec client like this:
ppp uplink (IPv4)
|
dc3|pppoe0
+++
|+|dc1
| enc0
Thank you everyone. I cannot believe I forgot to set up that static route
from the DSL modem back to the 10.40.60.0 network. Works like a charm. Next
comes ipv6!
On Jul 9, 2010, at 2:31 PM, Jussi Peltola wrote:
> On Fri, Jul 09, 2010 at 02:19:42PM -0700, Matt S wrote:
>> Given the following:
Am Fri, 9 Jul 2010 14:19:42 -0700
schrieb Matt S :
> [internet - DSL Modem - 192.168.0.1]--[bge0:192.168.0.254 -
> OpenBSD 4.7 - em0:10.40.60.1]--[Laptop - DHCP]
> ping my laptop from the OpenBSD box. Since my default gateway is
> effectively 192.168.0.1, I am puzzled as to why I
On Fri, Jul 09, 2010 at 02:19:42PM -0700, Matt S wrote:
> Given the following:
>
> [internet - DSL Modem - 192.168.0.1]--[bge0:192.168.0.254 - OpenBSD
> 4.7 - em0:10.40.60.1]--[Laptop - DHCP]
>
> net.inet.ip.forwarding=1
>
> How can I get my laptop to reach the internet? I kind
On Fri, Jul 09, 2010 at 02:19:42PM -0700, Matt S wrote:
> Given the following:
>
> [internet - DSL Modem - 192.168.0.1]--[bge0:192.168.0.254 - OpenBSD
> 4.7 - em0:10.40.60.1]--[Laptop - DHCP]
>
> net.inet.ip.forwarding=1
>
> How can I get my laptop to reach the internet? I kind
Given the following:
[internet - DSL Modem - 192.168.0.1]--[bge0:192.168.0.254 - OpenBSD
4.7 - em0:10.40.60.1]--[Laptop - DHCP]
net.inet.ip.forwarding=1
How can I get my laptop to reach the internet? I kind of figured that all I
would have to do is have forwarding enabled on the
On Fri, Feb 20, 2009 at 6:34 AM, Federico wrote:
> Hello all,
>
> I have a trouble with some routing-related that i can't figure out.
>
> I have this configuration:
>
>
> **
> ***INTERNET***
> **
> |
>bnx1
> | FIREWALL |
>bnx0
> |
>DMZ (10.0.0.0/28)
>
Hello all,
I have a trouble with some routing-related that i can't figure out.
I have this configuration:
**
***INTERNET***
**
|
bnx1
| FIREWALL |
bnx0
|
DMZ (10.0.0.0/28)
|
bnx1
| PROXY |
bnx0
|
LAN (192.168.80.0/24)
FIRE
I have tried doing a route-to rule but it makes no difference, I set it
up like this:
pass in quick on $ext_if route-to { ( $int_if (IP of host in DMZ ) }
from any to (IP of host in DMZ)
But my router still does not pass the packets onto the host in the DMZ,
I haven't tried a reply-to rule b
Instead of giving you the obligatory "man pf.conf" reply, I will do one better
and reference an old reply I posed to the list with a sample pf.conf where
someone asked basically the same thing. I omitted the part that matters in
this example conf, but explain what you need to insert to get it to
Hi,
I am trying to setup an openbsd router but are having a big problem
getting it to work.
Here is the scenario:
The router has 3 public IP's, with 2 internet connections and sits just
outside a DMZ. Behind the router there are a number of hosts with public
IP's (DMZ).
All of the interface
Hi,
I have a VPN running that roughly looks like this:
LOCAL REMOTE
-
10.0.0.0/16 \ / mobile users
10.1.0.0/16 +- gateway - Internet -+- other users
10.6.0.0/16/\
Thomas Schoeller wrote:
this will not work. ipsec will not encap packets that not belong to a
flow.
you need a second ipsec flow like on GW B:
ike esp from LAN_B/24 to vendor/18 peer OPENBSD_A_External
and on GW A:
ike esp from VENDOR/18 to LAN_B/24 peer OPENBSD_B_External
and then a route on GW
On Sat, Oct 06, 2007 at 10:37:12AM -0400, Dave Anderson wrote:
> On Sat, 6 Oct 2007, Layne Evans wrote:
>
> >Hello all,
> >
> >
> >vendor -->vendor router<-- Internal LAN Location A -->OBSD GW A<-- Internet
> > VPN Between
> >Internet -->OBSD GW B<-- Internal LAN Location B
> >
> >Some info:
On Sat, 6 Oct 2007, Layne Evans wrote:
>Hello all,
>
>I am having some trouble with a routing situation that is difficult for
>me to explain, so if you need more info let me know.
>
>vendor -->vendor router<-- Internal LAN Location A -->OBSD GW A<-- Internet
> VPN Between
>Internet -->OBSD G
Hello all,
I am having some trouble with a routing situation that is difficult for
me to explain, so if you need more info let me know.
vendor -->vendor router<-- Internal LAN Location A -->OBSD GW A<-- Internet
VPN Between
Internet -->OBSD GW B<-- Internal LAN Location B
From the above
Rod.. Whitworth wrote:
> On Sat, 09 Dec 2006 14:34:04 +0100, Mitja wrote:
>
>> Mikael Fridh wrote:
# pfctl -s all
TRANSLATION RULES:
nat on bge0 inet from 192.168.1.0/24 to any -> (bge0:0)
rdr pass on em1 inet proto tcp from any to any port = 5900 ->
192.168.1.111 port 590
On Sat, 09 Dec 2006 14:34:04 +0100, Mitja wrote:
>Mikael Fridh wrote:
>>> # pfctl -s all
>>> TRANSLATION RULES:
>>> nat on bge0 inet from 192.168.1.0/24 to any -> (bge0:0)
>>> rdr pass on em1 inet proto tcp from any to any port = 5900 ->
>>> 192.168.1.111 port 5900
>>
>> If bge0 is your external
Let's try this. It works, but the source IP is from bge0 my external
interface (193.77.12.154).
Then use address from em1 in nat rule for bge0.
nat on bge0 inet from 192.168.1.0/24 to any -> (em1:0)
No one said that translated source address must be the same as the
address of nat external (o
Joel Goguen wrote:
> On Fri, 08 Dec 2006 17:01:10 +0100, Mitja <[EMAIL PROTECTED]> wrote:
>> Joel Goguen wrote:
>>> On Fri, 08 Dec 2006 15:16:50 +0100, Mitja <[EMAIL PROTECTED]> wrote:
>>> [snip]
# pfctl -s all
TRANSLATION RULES:
nat on em1 inet from 192.168.1.0/24 to any -> (em1:0)
Mikael Fridh wrote:
>> # pfctl -s all
>> TRANSLATION RULES:
>> nat on bge0 inet from 192.168.1.0/24 to any -> (bge0:0)
>> rdr pass on em1 inet proto tcp from any to any port = 5900 ->
>> 192.168.1.111 port 5900
>
> If bge0 is your external interface that nat line now looks correct.
> If your inter
Mitja wrote:
Mitja wrote:
Andreas Bihlmaier wrote:
On Thu, Dec 07, 2006 at 11:27:11PM +0100, Mitja wrote:
Hello,
I am trying to configure nat from internal network 192.168.1.0/24 to
external nat gateway address 193.189.180.193. The problem is that
packets are not passing from nat gateway t
Mitja wrote:
Mitja wrote:
Andreas Bihlmaier wrote:
On Thu, Dec 07, 2006 at 11:27:11PM +0100, Mitja wrote:
Hello,
I am trying to configure nat from internal network 192.168.1.0/24 to
external nat gateway address 193.189.180.193. The problem is that
packets are not passing from nat gateway to t
Joel Goguen wrote:
> On Fri, 08 Dec 2006 15:16:50 +0100, Mitja <[EMAIL PROTECTED]> wrote:
> [snip]
>> # pfctl -s all
>> TRANSLATION RULES:
>> nat on em1 inet from 192.168.1.0/24 to any -> (em1:0)
> If em1 is only serving the one IP address, try changing em1:0 to em1 and see
> if that works.
Check
On Fri, 08 Dec 2006 15:16:50 +0100, Mitja <[EMAIL PROTECTED]> wrote:
[snip]
> # pfctl -s all
> TRANSLATION RULES:
> nat on em1 inet from 192.168.1.0/24 to any -> (em1:0)
If em1 is only serving the one IP address, try changing em1:0 to em1 and see if
that works.
--
Joel Goguen
http://iapetus.dyndn
Mitja wrote:
> Andreas Bihlmaier wrote:
>> On Thu, Dec 07, 2006 at 11:27:11PM +0100, Mitja wrote:
>>> Hello,
>>>
>>> I am trying to configure nat from internal network 192.168.1.0/24 to
>>> external nat gateway address 193.189.180.193. The problem is that
>>> packets are not passing from nat gatewa
Andreas Bihlmaier wrote:
> On Thu, Dec 07, 2006 at 11:27:11PM +0100, Mitja wrote:
>> Hello,
>>
>> I am trying to configure nat from internal network 192.168.1.0/24 to
>> external nat gateway address 193.189.180.193. The problem is that
>> packets are not passing from nat gateway to the interface 19
On Thu, Dec 07, 2006 at 11:27:11PM +0100, Mitja wrote:
> Hello,
>
> I am trying to configure nat from internal network 192.168.1.0/24 to
> external nat gateway address 193.189.180.193. The problem is that
> packets are not passing from nat gateway to the interface 193.77.12.154
> to the internet.
Hello,
I am trying to configure nat from internal network 192.168.1.0/24 to
external nat gateway address 193.189.180.193. The problem is that
packets are not passing from nat gateway to the interface 193.77.12.154
to the internet.
ISP <-> 193.77.12.154 -- hostA -- 192.168.1.1
ed before questions can be answered.
>
> Martmn Coco wrote:
>
>> Hello misc!
>>
>> We are experiencing what seems to be a routing problem when using ipsec
>> flows and udp traffic.
>>
>> We are using OpenVPN for the employees to connect from the outside
wrote:
Hello misc!
We are experiencing what seems to be a routing problem when using ipsec
flows and udp traffic.
We are using OpenVPN for the employees to connect from the outside world
to our network. It is configured to use UDP. At the same time, this box
has an ipsec tunnel configured to
Hello misc!
We are experiencing what seems to be a routing problem when using ipsec
flows and udp traffic.
We are using OpenVPN for the employees to connect from the outside world
to our network. It is configured to use UDP. At the same time, this box
has an ipsec tunnel configured to talk
Hey,
Try a bridge.
man brconfig(8) says:
he brconfig utility retrieves kernel state of bridge interfaces and al-
lows user control of these bridges. Bridge devices create a
logical link
between two or more Ethernet interfaces or encapsulation
interfaces (see
gif(4)), which wi
Jonas Lindskog wrote:
> We are running Open BSD 3.8 as a firewall router. The router has two
> internal networks to handle; a DMZ with "real"
> ip adresses and a NAT network to which our workstations are connected.
> The problem I have is that its not possible to
> connect to the server on the DMZ
On Jan 22, 2006, at 1:07 PM, Jonas Lindskog wrote:
Hello,
We are running Open BSD 3.8 as a firewall router. The router has
two internal networks to handle; a DMZ with "real"
ip adresses and a NAT network to which our workstations are
connected. The problem I have is that its not possible to
Hello,
We are running Open BSD 3.8 as a firewall router. The router has two
internal networks to handle; a DMZ with "real"
ip adresses and a NAT network to which our workstations are connected.
The problem I have is that its not possible to
connect to the server on the DMZ (ip 38.87.5.122, netm
On 12/16/05, Joachim Schipper <[EMAIL PROTECTED]> wrote:
>
> > Every attempt to access any host on the Internet gets to gwA
> > int_wireless, but doesn't goes out on ext_if. gwB can't even ping gwA
> > external address 1.2.3.2.
>
> I assume gwA and gwB can ping each other on the internal interface,
On 12/16/05, Bryan Irvine <[EMAIL PROTECTED]> wrote:
> traceroute is your friend. I'm sure you've tried it, just didn't post
> the results?
It doesn't show any hop. Like ping, we only see packets coming into
wireless interface of gwA, and they don't ever come out of it.
--
Fernando M. Braga
(reply inline, sorry)
On Fri, Dec 16, 2005 at 01:34:38PM -0300, Fernando Braga wrote:
> I'm facing an unusual problem with routing. I can access an internal
> server (with real IP) thru an OpenBSD gateway (gwA). Everything works
> when connection is initiated from the Internet. But gwB can't make
traceroute is your friend. I'm sure you've tried it, just didn't post
the results?
On 12/16/05, Fernando Braga <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I'm facing an unusual problem with routing. I can access an internal
> server (with real IP) thru an OpenBSD gateway (gwA). Everything works
> when
Hi,
I'm facing an unusual problem with routing. I can access an internal
server (with real IP) thru an OpenBSD gateway (gwA). Everything works
when connection is initiated from the Internet. But gwB can't make its
way back to the Internet.
Every attempt to access any host on the Internet gets to
> --- Quoting [EMAIL PROTECTED] on 2005/08/25 at 01:20 +0200:
>
> (can you try wrap your lines at a reasonable 72 chars?)
Yup! Sorry..
>
> > No, the rl0 gateway (PC_B) is 192.168.3.254. Client1 is .3.70,
> > PC_B's internal network is, of course, 192.168.3.0/24.
>
> Oops, I should've
--- Quoting [EMAIL PROTECTED] on 2005/08/25 at 01:20 +0200:
(can you try wrap your lines at a reasonable 72 chars?)
> No, the rl0 gateway (PC_B) is 192.168.3.254. Client1 is .3.70, PC_B's
> internal network is, of course, 192.168.3.0/24.
Oops, I should've seen that 3.70 was an ARP entry. It'
> --- Quoting [EMAIL PROTECTED] on 2005/08/24 at 18:35 +0200:
> > 1) From Client1, I cannot ping its default gateway (.3.254) anymore. No
> > ping replies. ssh connection is frozen.
>
> What machine and interface is .3.254 on? From the information below it does
> not look like it's on PC_B.
--- Quoting [EMAIL PROTECTED] on 2005/08/24 at 18:35 +0200:
> 1) From Client1, I cannot ping its default gateway (.3.254) anymore. No ping
> replies. ssh connection is frozen.
What machine and interface is .3.254 on? From the information below it
does not look like it's on PC_B. PC_B is .3.70.
Hello!
I'm having troubles with IPsec, but I'm not really sure whether it's an
IPsec issue, a routing problem or just that I'm missing something big, very
big... So any help is more than welcome!
Here's the setup: PC_A is acting as a NAT gateway with three networ
87 matches
Mail list logo