[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Question



At 12:08 PM 4/29/01 -0700, Hasan Shaikh wrote:
>Hi,
>
>My firewall has two interfaces one is 192.168.0.4 and
>the other one is 10.10.0.1.  There are two machines on
>192 interface of network know as 192.168.0.2 and
>192.168.0.3 and th 10 interface has one machine
>10.10.0.2.  The machine on 192 interface of firewalls
>do no talk to the machines on 10 interface but they
>talk to the interface ip 10.10.0.1.  Please let me
>know the solution.

To know the soution, we need to know more about the problem. Assuming the
operational definition of "talk to" is "ping" ...

        ... first, confirm that the machines can all ping their "own LAN"
                interfaces on the router. If this fails, report HOW it
                fails (in context, pings can fail in 3 distinct ways).

        ... second, confirm that the machines can all ping their "other 
                LAN" interfaces on the router. If this fails, report HOW 
                it fails (in context, pings can fail in 4 distinct ways) 
                ... I think your message said this worked OK in one 
                direction, but it is difficult to be sure

        ... third, when you try to ping, say, 192.168.0.2 from 10.10.0.2,
                that actually happens on the 10.10.0.2 host (and what OS
                is it running)?  

Also tell us the basics of how the firewall is set up

        -- what version of Debian?
        -- what kernel ("uname -a")?
        -- what is its routing table ("netstat -nr")
        -- are you using IP Masq on either interface?

>Also suggest good firewalls available.


There are many firewall rulesets available for 2.2.x kernels, and a small
number (I only know of 1, actually, the "Shorewall" package) for 2.4.x
kernels. To get real help here, you will need to tell us *something* about
what you want to accomplish, since this variety of packages continues to
survive for the simple reason that each of them is good at *something*.


--
------------------------------------"Never tell me the odds!"---
Ray Olszewski                                        -- Han Solo
Palo Alto, CA           	 	         ray@comarre.com        
----------------------------------------------------------------



Reply to: