Re: [Shorewall-users] multi isp and routing

Wed, 31 Dec 2008 10:47:33 -0800 

Ok, I hope this is it...
I did the reset as requested and we tried the connection.
A machine on the local network is trying to connect to 208.60.147.148 from 10.1.1.67 on port 22 (tcp) 
The machine on the other end is expecting us to connect from 70.61.215.98
Basically, I think the remote system just ignores us because we are firewalled out. 
The sftp client just simply fails to connect.
If I drop the other network and we only have the one provider going we connect just fine, but then we are not firewalled out of the remote system. 


I have asked the operator of that system to allow our /29s and they 
scoffed... so I have to figure this out.



Shorewall Guy wrote:

Mark Rutherford wrote:

  

I sent along with my first message the output of shorewall dump

The issue is that we have to transmit files via SFTP and it has to 
originate from a certain address.

Otherwise, everything works as intended.
People can browse the internet, port forwarding works, etc etc.

    


I guess I'm lost then as to what problem you are having.

So please

a) shorewall reset
b) Do whatever it is that breaks for you; be sure to create a NEW
CONNECTION.
c) Take a shorewall dump and forward it
d) Tell us:

        a) What the SOURCE IP address was
        b) What the destination IP address was
        c) What the application was (UDP/TCP, dest port number)
        d) What you expected to happen
        e) What you believe actually happened and why you believe that.

I can tell you that you don't have the necessary masq entries to make
packet marking work from the firewall itself -- is that related to your
problem?

Thanks


------------------------------------------------------------------------------
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

  





Attachment:
status.txt.gz

Description: application/gzip


------------------------------------------------------------------------------

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users






















					Reply via email to