Ville Walveranta wrote:
> That's a good point... except that in this case, without the masq entry:
> $LAN2_IF 172.16.0.0/24 10.0.0.253
> .. routing doesn't work. Traceroute won't proceed beyond the shorewall box
> from LAN1 servers without it.
Time to break out a packet sniffer (I tend to u
That's a good point... except that in this case, without the masq entry:
$LAN2_IF 172.16.0.0/24 10.0.0.253
.. routing doesn't work. Traceroute won't proceed beyond the shorewall box
from LAN1 servers without it.
In this case it doesn't really matter. LAN2 is a small "legacy" LAN and
t
Ville Walveranta wrote:
> Re-added it like this:
> $LAN2_IF 172.16.0.0/24 10.0.0.253
> Now it should change the addresses for the connections originating from LAN1
> and destined to LAN2, to 10.0.0.253 (which is the Shorewall server address).
You may want to have a think about that, and perha
Re-added it like this:
$LAN2_IF 172.16.0.0/24 10.0.0.253
Now it should change the addresses for the connections originating from
LAN1 and destined to LAN2, to 10.0.0.253 (which is the Shorewall server
address).
Ville
--
Tom, you are correct, of course. Someone else pointed that out to me
shortly after I had posted the response. I removed the statement and it
made no difference in how the configuration works – the problem was solely
the missing return route from LAN2.
Ville
On Fri, Feb 1, 2013 at 4:03 PM, Tom
On 02/01/2013 01:55 PM, Ville Walveranta wrote:
> Simon,
>
> Thanks for that guidance! It was enough for me to complete the
> configuration. As you suggested, adding the return route to LAN2's
> router helped – I had completely overlooked it thinking that the return
> route would automatically f
Simon,
Thanks for that guidance! It was enough for me to complete the
configuration. As you suggested, adding the return route to LAN2's router
helped – I had completely overlooked it thinking that the return route
would automatically follow the same path as the incoming request (from
LAN1). I
Ville Walveranta wrote:
> I have three NICs:
> WAN (Internet),
> LAN1 (primary LAN),
> and LAN2 (link to a "legacy" LAN).
> WAN-to-LAN is working inbound through NAT, and outbound through DNAT (set in
> masq).
> LAN2 should not (and currently does not) have access to the Internet through
> this S
On 02/01/2013 09:12 AM, Ville Walveranta wrote:
> I'm setting up Shorewall (4.4.26.1), and have been trying to figure out
> routing between two LAN segments now for a few days. It's time to ask
> for help.
>
> I have three NICs: WAN (Internet), LAN1 (primary LAN), and LAN2 (link to
> a "legacy" L
On 02/01/2013 09:12 AM, Ville Walveranta wrote:
> I'm setting up Shorewall (4.4.26.1), and have been trying to figure out
> routing between two LAN segments now for a few days. It's time to ask
> for help.
>
> I have three NICs: WAN (Internet), LAN1 (primary LAN), and LAN2 (link to
> a "legacy" L
I'm setting up Shorewall (4.4.26.1), and have been trying to figure out
routing between two LAN segments now for a few days. It's time to ask for
help.
I have three NICs: WAN (Internet), LAN1 (primary LAN), and LAN2 (link to a
"legacy" LAN). WAN-to-LAN is working inbound through NAT, and outboun
11 matches
Mail list logo
