To start, look at the not attached network diagram. :)
I have an odd routing issue with the network described there. The
flaming firewall is a typical m0n0wall firewall, running 1.34. Works
well, and the 5 IPsec tunnels are not represented.
We just installed a virtual network on 192.168.43.x and m0n0wall is the
VMware router to the vnet. (Ignore the virtual aspect if it helps) It
has been on both 1.8b and 1.34... NAT is turned off in advanced
outbound NAT, and the firewall on both sides is wide open. There is
also a static route in the primary firewall (192.168.40.1) pointing to
the virtual router (192.168.40.2 WAN, 192.168.43.1 LAN).
Now, from the 192.168.40.x network I can ping any device on the
192.168.43.x network. No device on the 192.168.43.x network can ping
any device on the 192.168.40.x network. However, running Wireshark on a
192.168.40.x device, I can see both the ping and the echo reply. But it
never gets back. But if I then ping from the 192.168.40.x device to the
192.168.43.x device in question, the pings magically start working.
Odd, right? Any ideas?