You're right. There was a typo in the route.
Sometimes you look 1000 times over a configuration and you don't see the red ball ...

-----Original Message-----
From: Chris Buechler [mailto:cbuechler at gmail dot com]
Sent: Thursday, 13 September 2007 20:04
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] Routing / default route any known problems?

On 9/13/07, Brieseneck, Arne, VF-Group <Arne dot Brieseneck at vodafone dot com> wrote:
> Hi all,
>
> I have two monowalls running connected via the WAN interface to a wan
> network 10.5.40.0/24 one called
>
> DMZFW (10.5.40.20/24 gw 10.5.40.1 and 192.168.50.128/26) and FEWIMAXFW
> (10.5.40.120/24 gw 19.5.40.20 and 192.168.61.0/24)
>
> The DMZFW has a static route to the 192.168.61.0/24 network via
> 10.5.40.120
>
> NATing is disabled (pure routing / firewalling)
>
>
> In all three LANs are SSH servers.
>
> I can successfully open ssh connections from WAN towards both LAN SSH servers
> I can successfully open ssh connection from every LAN SSH server to the WAN SSH server
> I can successfully hop from one LAN-SSH-server via the WAN-SSH-server to the other one
> But:
> I cannot SSH from one LAN to the other. ==>WHY?
>
> When I put logging on I see incoming traffic passing the other
> firewall green.
>
>
> I cannot even ping from one LAN to the other (if I enable it in the
> FWs I see only permitted traffic but no response)
>
> Could it be that there is a routing issue in monowall?
>

Only if you created one (i.e. improper use or lack of static routes).
Since it's going out, my first guess is the lack of a return route on
the destination firewall. It's almost certainly an incorrect or
missing static route somewhere.

-Chris
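
Added example, not part of the thread or of m0n0wall: a small Python check of the forward route and the return route that Chris's reply points to, run over the addresses exactly as written in the quoted post (the thread does not say which entry held the typo). The dictionary layout, the function names and the two LAN host addresses are assumptions made for this example.

```python
import ipaddress as ip

# Addresses as written in the quoted post; the two LAN hosts used below are constructed.
DMZFW = {"name": "DMZFW", "wan": "10.5.40.20", "default_gw": "10.5.40.1",
         "connected": ["10.5.40.0/24", "192.168.50.128/26"],
         "static": [("192.168.61.0/24", "10.5.40.120")]}
FEWIMAXFW = {"name": "FEWIMAXFW", "wan": "10.5.40.120", "default_gw": "19.5.40.20",
             "connected": ["10.5.40.0/24", "192.168.61.0/24"], "static": []}

def route_lookup(fw, dst):
    """Longest-prefix match; returns the gateway, or None if dst is directly connected."""
    dst = ip.ip_address(dst)
    table = [(ip.ip_network(n), None) for n in fw["connected"]]
    table += [(ip.ip_network(n), ip.ip_address(g)) for n, g in fw["static"]]
    table.append((ip.ip_network("0.0.0.0/0"), ip.ip_address(fw["default_gw"])))
    return max((r for r in table if dst in r[0]), key=lambda r: r[0].prefixlen)[1]

def hop_problem(fw, dst, peer):
    """Why fw cannot hand a packet for dst to the peer firewall, or None if it can."""
    gw = route_lookup(fw, dst)
    if gw is None:
        return None  # destination is on a directly connected network
    if not any(gw in ip.ip_network(n) for n in fw["connected"]):
        return f"{fw['name']}: gateway {gw} for {dst} is not on a connected network"
    if gw != ip.ip_address(peer["wan"]):
        return f"{fw['name']}: {dst} is sent to {gw}, which must itself route to {peer['wan']}"
    return None

def check_pair(a, b, host_a, host_b):
    """Check the forward route on a and the return route on b for one LAN-to-LAN flow."""
    found = [hop_problem(a, host_b, b), hop_problem(b, host_a, a)]
    return [p for p in found if p]

if __name__ == "__main__":
    for line in check_pair(DMZFW, FEWIMAXFW, "192.168.50.130", "192.168.61.10"):
        print(line)
```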