All -

I'm embarrassed I can't make this work, it seems so simple. And I didn't find the solution searching the list, and I assume I'm just missing something so obvious...

I've got 1.22 set up on a 4801 (w/ 1621 lan) with the following interfaces:

WAN: (DHCP via cable modem)
LAN: (192.168.1.x/24)
WiFi: (192.168.2.x/24)
DMZ: (192.168.3.x/24)

The only device plugged into the 'WiFi' subnet is a Linksys wireless router, and I've plugged directly into the switch and bypassed the LAN connector (after I disabled DHCP and set its address to 192.168.1.150).

The problem is I want to be able to ssh into a box on the LAN from either the 'WiFi' or 'DMZ' subnets. In addition, I need NetBIOS services available to 'WiFi' users.

So, I'm starting simply, trying to ssh from 'WiFi' to a 'LAN' server, and I can't connect. My rules look like this:

LAN
===
Block TCP/UDP "LAN net" * "! WiFi net" 135
Block TCP/UDP "LAN net" * "! WiFi net" 137-139
Block TCP/UDP "LAN net" * "! WiFi net" 445
Allow * "LAN net" * * *

WAN
====
Block * "RFC 1918 networks" * * *
Block * * * * *

WiFi
====
Allow TCP/UDP "WiFi net" * 192.168.1.250 22 (SSH)
Allow TCP/UDP "WiFi net" * 192.168.1.250 80 (HTTP)
Allow * "WiFi net" * * *

When I try to ssh into the LAN from WiFi, I see an entry in the firewall state table for port 22, but the connection still fails.

So, any suggestions as to what I need to do? The box is pretty much stock, no static routes, and is the only firewall/router on the network.

Thanks for any help,
Brad.