On Fri, 11 Feb 2005, Dana Spiegel wrote:
> I have LAN set up with private subnet 10.1.0.1/16
> I have configured OPT1 with subnet 10.4.54.99/24 (this is a separate
> private large network that I need to access a few computer on 10.4.54.67
> and .69, for example).
> Netstat looks ok:
> $ netstat -nr
> Routing tables
> Destination Gateway Flags Refs Use Netif Expire
> default X.X.X.X UGSc 2 12672 fxp1
> 10.1/16 link#2 UC 16 0 fxp0
> 10.1.0.4 xx:xx:xx:xx:xx:xx UHLW 0 1 fxp0 1090
> 10.4.54/24 link#1 UC 4 0 xl0
> 10.4.54.67 link#1 UHLW 0 6 xl0
> 10.4.54.69 link#1 UHLW 0 4 xl0
> 127.0.0.1 127.0.0.1 UH 0 0 lo0
> X.X.X.X/29 link#3 UC 1 0 fxp1
> X.X.X.X xx:xx:xx:xx:xx:xx UHLW 2 0 fxp1 837
> The problem is that from the LAN, I can't access any computers on the
> OPT1 interface. The routing looks correct (see above), but there must be
> something I'm missing with firewall configuration. I've searched the
> archives, but haven't found anything useful (yet).
Do the other machines on the OPT1 side have 10.4.54.99 as the gateway to
10.1/16, or as the default gateway?
Also, is ARP working correctly on OPT1? When I look at a similar
(working) situation here, the "gateway" entry for the remote OPT1 machine
shows its MAC address, not "link#<n>".