Hello, i have the following issue: i need to access a host (***.98.202.53) that's behind an interface on my UTM box, the interface is 192.168.10.x/24 with a .254 as default gateway and is configured as DHCP client. this IF is NOT set as default gateway(as it doesnt has access to anything BUt that host) on another interface i have the normal internet connection. now, i have done the following: [LIST=1] Configured the interface "private" as DHCP client, it gets IP 192.168.70.2/24 Made a host definition for that IF GW (192.168.0.254) bound to the "private" IF Made a host definition for the specific host (***.98.202.53) bound to the "private" IF as well Made a PF rule allowing LAN->host Made a policy route, type gateway, from LAN-> host, gateway "private GW" [/LIST] and it doesn't works, i can see a initial packet loaded in PF live log but no ping, no traceroute pass, if i traceroute from UTM itself it goes to internet, ping from lan or utm also fail. I tried making a static gateway router, with same definition, no avail. What am i doing wrong?, or the problem is not on my UTM and instead is a routing table issue on the .254 gateway?

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

dyn/static route on 2nd IF not working?

Hello,
i have the following issue: i need to access a host (***.98.202.53) that's behind an interface on my UTM box, the interface is 192.168.10.x/24 with a .254 as default gateway and is configured as DHCP client.
this IF is NOT set as default gateway(as it doesnt has access to anything BUt that host)
on another interface i have the normal internet connection.

now, i have done the following:

[LIST=1]

Configured the interface "private" as DHCP client, it gets IP 192.168.70.2/24
Made a host definition for that IF GW (192.168.0.254) bound to the "private" IF
Made a host definition for the specific host (***.98.202.53) bound to the "private" IF as well
Made a PF rule allowing LAN->host
Made a policy route, type gateway, from LAN-> host, gateway "private GW"

[/LIST]

and it doesn't works, i can see a initial packet loaded in PF live log but no ping, no traceroute pass, if i traceroute from UTM itself it goes to internet, ping from lan or utm also fail.

I tried making a static gateway router, with same definition, no avail.

What am i doing wrong?, or the problem is not on my UTM and instead is a routing table issue on the .254 gateway?

This thread was automatically locked due to age.

Parents

0 Mast_01 over 11 years ago

Well i just went to the site, connected the link to a computer and it worked perfectly, the issue then is in the UTM.

as an extra note:
no matter if i make a static route(metric 1/5), a policy route or enable/disable them, when i tracert the IP it goes UTM and then internet gateway, it's completely ignoring the policy route!.

as you see the policy goes, from internal network, ANY protocol to carestream(the .53 ip) then use the 192.168.70.254 gateway to reach it
making an interface route also doesn't works

what am i missing?
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Mast_01 over 11 years ago

Well i just went to the site, connected the link to a computer and it worked perfectly, the issue then is in the UTM.

as an extra note:
no matter if i make a static route(metric 1/5), a policy route or enable/disable them, when i tracert the IP it goes UTM and then internet gateway, it's completely ignoring the policy route!.

as you see the policy goes, from internal network, ANY protocol to carestream(the .53 ip) then use the 192.168.70.254 gateway to reach it
making an interface route also doesn't works

what am i missing?
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data