Dear All,
I am using Shore wall for a long time and its working file . It connects to
other department through our local ISP for our data connectivity with no access
to internet
Version 4.5.8
Os centos 5.9 64 Bit
I am using a masq file as below for our network users to outside using the eth0
Ip which connects to the our gateway data router as below
# For information about entries in this file, type "man shorewall-masq"
###############################################################################
#INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC
MARK
#
eth0 172.16.0.0/16,\
192.168.30.0/16,\
91.198.134.0/24,\
10.1.0.0/16,\
10.2.1.0/24,\
192.168.30.0/24,\
192.168.144.0/24,\
192.168.107.0/24
#
This setup is working perfectly
Now I have a new Server with the below
Centos 7
Shorewall 5.1.10.2
Now the masq file is superseded by the snat file so I have the below SNAT file
ACTION SOURCE DEST
MASQUERADE 172.16.0.0/24 enp31s10f0
MASQUERADE 10.1.0.0/24 enp31s10f0
MASQUERADE 10.2.1.0/24 enp31s10f0
MASQUERADE 192.168.0.0/24 enp31s10f0
Now the issue is from a local client pc ip I am not able to ping the server IP
which is example 10.6.1.240 but from the shorewall server itself I am able to
ping
Also from my current shorewall 4.5.8 server all my local client pc can ping
10.6.1.240.
Since the server is in production downtime is critical as I cannot wait for long
Just wondering if my syntax is fine
Appreciate your kind help
Regards
simon
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
