[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Problem pinging the DMZ


I'm going 2 steps forward and 1 step back building my LAN at the moment,
but at least I'm going forward overall!  :-)

I have added a 2nd NIC to my firewall so my network now looks like...

            DMZ          Secure
Debian   _______ Debian _______Hub_______Win98
Webserver       Firewall        |
                    |           |________Debian
                    |                    Backups

The firewall uses a dial-up connection ppp0;
The Secure side is connected to eth0 (;
The DMZ side is connected to eth1 (;
The webserver is;
The Win98 machine is;
I havent built the Debian box for doing backups yet but it will be

I can ping from the firewall to the Win98 machine and vice versa.
I can ping from the firewall and Win98 machine.
I can't ping the webserver at all!

I disconnected the crossover cable from the webserver and eth1 and
replaced it with a plain cable into the hub and that worked fine.  I
could even see the default Apache page using IE on the Win98 machine.

Any idea what the problem is?

I have 3 thoughts myself...

1. The crossover cable is no good, I can check this by using it as a
direct Win98/firewall connection can't I?;

2. My ipchains rules are right for ping on eth0 but wrong for eth1. 
This is very unlikely as I went over them several times last night;

3. I have done something silly by giving the DMZ interfaces 192.168.1.N
addresses.  Should I use something of the form 192.168.2.N for the DMZ
(remembering to change the netmask to suit!)?

If you need any more info. please let me know and I will post it asap.



Reply to: