hey, that helped a lot,
I set IMPLICIT_CONTINUE=No and then ran the connection tests again...
voila, everything made more sense
I now log vpn(tap0) -> $FW instead of the nonsensical lan(br0) -> $FW
Furthermore, the outgoing vpn paths now are actually separate:
$FW
On Thu, 2008-09-18 at 19:53 -0700, Tom Eastep wrote:
> Ricardo Kleemann wrote:
> What is the setting of IP_FORWARDING in /etc/shorewall/shorewall.conf?
>
> >>> It's set to On... :-/
> >>>
> >>> Could it be because I have the fw connected directly to the server
> >>> (rather than via swi
Ricardo Kleemann wrote:
What is the setting of IP_FORWARDING in /etc/shorewall/shorewall.conf?
It's set to On... :-/
Could it be because I have the fw connected directly to the server
(rather than via switch)? I wouldn't think so since ping from the
firewall (fw -> dmz) works... it's just fr
> >> What is the setting of IP_FORWARDING in /etc/shorewall/shorewall.conf?
> >>
> >
> > It's set to On... :-/
> >
> > Could it be because I have the fw connected directly to the server
> > (rather than via switch)? I wouldn't think so since ping from the
> > firewall (fw -> dmz) works... it's
Ricardo Kleemann wrote:
On Thu, 2008-09-18 at 18:07 -0700, Tom Eastep wrote:
Ricardo Kleemann wrote:
On Thu, 2008-09-18 at 17:59 -0700, Tom Eastep wrote:
Ricardo Kleemann wrote:
I know packets are not being dropped so it's not shorewall that's
blocking. I guess something's just not getting ro
On Thu, 2008-09-18 at 18:07 -0700, Tom Eastep wrote:
> Ricardo Kleemann wrote:
> > On Thu, 2008-09-18 at 17:59 -0700, Tom Eastep wrote:
> >> Ricardo Kleemann wrote:
> >>> I know packets are not being dropped so it's not shorewall that's
> >>> blocking. I guess something's just not getting routed pr
On Thu, 2008-09-18 at 18:07 -0700, Tom Eastep wrote:
> Ricardo Kleemann wrote:
> > On Thu, 2008-09-18 at 17:59 -0700, Tom Eastep wrote:
> >> Ricardo Kleemann wrote:
> >>> I know packets are not being dropped so it's not shorewall that's
> >>> blocking. I guess something's just not getting routed pr
Ricardo Kleemann wrote:
On Thu, 2008-09-18 at 17:59 -0700, Tom Eastep wrote:
Ricardo Kleemann wrote:
I know packets are not being dropped so it's not shorewall that's
blocking. I guess something's just not getting routed properly? If I can
go net -> fw and fw -> dmz, why is the net -> dmz faili
On Thu, 2008-09-18 at 17:59 -0700, Tom Eastep wrote:
> Ricardo Kleemann wrote:
> > Hi,
> >
> > I'm setting up shorewall (v. 3.4.8) and have established some IPs in the
> > nat file.
> >
> > For testing purposes only, I have my main eth0 interface for shorewall
> > (the "net" interface) in network
Ricardo Kleemann wrote:
Hi,
I'm setting up shorewall (v. 3.4.8) and have established some IPs in the
nat file.
For testing purposes only, I have my main eth0 interface for shorewall
(the "net" interface) in network 192.168.0. The dmz interface is eth2 in
network 192.168.1.
Here's a snippet of
Hi,
I'm setting up shorewall (v. 3.4.8) and have established some IPs in the
nat file.
For testing purposes only, I have my main eth0 interface for shorewall
(the "net" interface) in network 192.168.0. The dmz interface is eth2 in
network 192.168.1.
Here's a snippet of ip addr output:
3: eth0:
huarito huaritex wrote:
> Hello to everyone:
>
> The features of my System:
>
> Redhat Enterprise Linux 5
> shorewall-3.4.6-1.9.el5.al
>
> * 12 Windows XP 32 bits: To connect o remote VPN server they use the software
> "Checkpoint VPN-1 SecureClient").: All of them connect well throught the
>
Hello to everyone:
The features of my System:
Redhat Enterprise Linux 5
shorewall-3.4.6-1.9.el5.al
* 12 Windows XP 32 bits: To connect o remote VPN server they use the software
"Checkpoint VPN-1 SecureClient").: All of them connect well throught the
firewall.
* 3 Windows XP 64 bits.: Only one
Tom Eastep wrote:
> I am always willing to help users who have Shorewall problems but I'm
> not available to act as a Linux networking tutor for you, no matter how
> eager you are.
I will give you one piece of advice, however. Set IMPLICIT_CONTINUE=No
in shorewall.conf; you will find that your lo
14 matches
Mail list logo
