Brad Burleson wrote:
> All-
>
> I'm embarassed I can't make this work, it seems so simple.  And I didn't
> find the solution searching the list, and I assume I'm just missing
> something so obvious...
>
> I've got 1.22 setup on a 4801 (w/ 1621 lan) with the following interfaces:
>
> WAN:  (DHCP via cable modem)
> LAN:    (192.168.1.x/24)
> WiFi:    (192.168.2.x/24)
> DMZ:    (192.168.3.x/24)
>
> The only device plugged into the 'WiFi' subnet is a Linksys wireless router,
> and I've plugged directly into the switch and bypassed the LAN connector
> (after I disabled DHCP and set it's address to 192.168.1.150).
>   
So, the wireless router has an IP address in the 'LAN' subnet ? And it's 
connected to the Wifi interface ?
If I've understood, there is a wireless link between your 4801 and the 
linksys box and a wire connection the the lan switch ?
I don't understand why your Linksys has an ip address in the lan subnet 
if it should be connected the the wifi interface of your 4801.
> The problem is I want to be able to ssh into a box on the LAN from either
> the 'WiFi' or 'DMZ' subnets.  In addition, I need NetBIOS services available
> to 'WiFi' users.  So, I'm starting simply trying to ssh from 'WiFi' to a
> 'LAN' server and I can't connect.
>
> My rules look like this:
>
> [...]
At a first view, it seems to be good
> When I try to ssh into the LAN from WiFi, I see an entry in the firewall
> state table for port 22, but the connection still fails.
>
> So, any suggestions as to what I need to do?  The box is pretty much stock,
> no static routes, and is the only firewall/router on the network.
>   
Try to allow icmp from any to any on all interfaces and try to ping just 
to verify your problem is not a firewall rule problem.
> Thanks for any help,
>
> Brad.
>
>   

Pierre-Yves