Baseline:
ASL 3.380, 3 interfaces. etho - Clean, eth1 - DMZ, eth2 - dirty interface.
DNAT/SNAT rules set up for inbound FTP and HTTP from ETH2 to DMZ.
Rulebase set to all:all:all:allow
STILL cannot get to the webserver on the DMZ
NAT Rules are as follows:
code:Webserver works fine, is listening to other hosts on the network, just not receiving the traffic from the ASL system. It is wierd as hell. Traffic logs for the HTTPD server show no connections, and te host syslog shows no dropped packets.Inbound FTP Any -> External_Interface__ / FTP None DMZ Webserver / FTP
Inbound Web Services All -> External_Interface__ / HTTP None DMZ Webserver / HTTP
Trusted Outbound Internal_Network__ -> All / All MASQ__External None
When I use the network tools, pecifically TCP connect, I get the following error:
code:Could it be a routing table issue?192.168.100.00: inverse host lookup failed: Unknown host
(UNKNOWN) [192.168.100.0] 21 (ftp) : Network is unreachable
sent 0, rcvd 0
My routing table is as follows:
code:Suggestions? I am confused as h@77 on this one...192.168.100.0/24 dev eth1 scope link
172.16.2.0/24 dev eth0 scope link
XX.XX.XX.0/24 dev eth2 scope link
127.0.0.0/8 dev lo scope link
default via XX.XX.XX.1 dev eth2
Bob
[size="1"][ 30 December 2002, 10:00: Message edited by: Orcusomega ][/size]
