Re: [Shorewall-users] Static route configuration

2021-09-13 Thread David Cherry via Shorewall-users
On Mon, 2021-09-13 at 05:57 -0400, Dave via Shorewall-users wrote: > My firewall/router is a basic two-interfaces setup running shorewall > 5.2.8 on RHEL 8.4 (actually Rocky 8.4). > > I need to route packets to and from another subnet via an OpenVPN > server running on the local subnet. > > I use

Re: [Shorewall-users] Help with routing

2021-09-13 Thread Tuomo Soini
On Mon, 13 Sep 2021 15:17:16 +0100 Ruth Ivimey-Cook wrote: > This isn't a shorewall problem, but I'm hoping for a pointer to help > :-) > > I want to link two hosts on the same net with a dedicated (fast) > link, while both have access to other computers on the same net via > another interface.

Re: [Shorewall-users] Static route configuration

2021-09-13 Thread Justin Pryzby
On Mon, Sep 13, 2021 at 12:44:23PM -0400, David Cherry wrote: > FORWARD REJECT IN=ens2 OUT=ens2 This shows that the packet is going out the same interface it came in. The interfaces file needs "routeback" to allow that. This may be fixing only the immediate problem - I haven't tried to see furthe

[Shorewall-users] Help with routing

2021-09-13 Thread Ruth Ivimey-Cook
This isn't a shorewall problem, but I'm hoping for a pointer to help :-) I want to link two hosts on the same net with a dedicated (fast) link, while both have access to other computers on the same net via another interface. I have got the routing sorted, but I keep having to delete automatica

Re: [Shorewall-users] Static route configuration

2021-09-13 Thread Dave via Shorewall-users
On Mon, 2021-09-13 at 08:32 -0400, Robert K Coffman Jr. -Info From Data Corp. wrote: > On 9/13/2021 5:57 AM, Dave via Shorewall-users wrote: > > I need to route packets to and from another subnet via an OpenVPN > > server running on the local subnet. > > Why aren't you using the OpenVPN mechanism

Re: [Shorewall-users] Static route configuration

2021-09-13 Thread Robert K Coffman Jr. -Info From Data Corp.
On 9/13/2021 5:57 AM, Dave via Shorewall-users wrote: I need to route packets to and from another subnet via an OpenVPN server running on the local subnet. Why aren't you using the OpenVPN mechanism to create the necessary routes? For local subnet 192.168.1.0/24 and remote via vpn subnet 10.0.

Re: [Shorewall-users] Static route configuration

2021-09-13 Thread Justin Pryzby
On Mon, Sep 13, 2021 at 05:57:50AM -0400, Dave via Shorewall-users wrote: > My firewall/router is a basic two-interfaces setup running shorewall > 5.2.8 on RHEL 8.4 (actually Rocky 8.4). Send its configuration or shorewall dump: https://shorewall.org/support.htm > I need to route packets to and f

[Shorewall-users] Static route configuration

2021-09-13 Thread Dave via Shorewall-users
My firewall/router is a basic two-interfaces setup running shorewall 5.2.8 on RHEL 8.4 (actually Rocky 8.4). I need to route packets to and from another subnet via an OpenVPN server running on the local subnet. I used "ip route add" to add two static routes on the firewall/router, "ip route add 1