On 2/17/2014 9:32 AM, Tom Eastep wrote: > On 2/17/2014 9:10 AM, Rodrigo Cortes wrote: >> Hi!!! behind firewall exist a Layer 3 cisco, this cisco switch >> routing have default gateway to firewall. Then firewall need send >> routes back to cisco for correct routing process. >> >> is possible some error in this!? > > The Cisco has all of the routes it needs -- it is the other systems in > 192.168.1.0/24 that don't know how to route to 10.*.*.*. > > You might try adding the appropriate routes on your servers > (192.168.1.231, .234 and .239) and see if that helps (although I don't > see why it should). At any rate, it will cut down on the number of > entries in your firewall's connection tracking table.
If your 192.168.1.0/24 network is configured using DHCP, you can configure your DHCP server to distribute RFC-3442 routes to the clients. That avoids having to configure routes on each local host manually. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
