This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

I want my packets back :)

hi there

been having some problems with packets lately.

(1) eth0 211.211.211.211
   alias eth0:0 211.211.211.210

(2)  eth1 192.168.1.1

(3) eth0 192.168.1.2

(4) -gateway 211.211.211.129

I have a the following routes on the firewall

211.211.211.210 192.168.1.1     255.255.255.255 UGH   0      0        0 eth1
0.0.0.0         211.211.211.209 0.0.0.0         UG    0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
0.0.0.0         211.211.211.129 0.0.0.0         UG    0      0        0 eth0

I have a DNAT entry for http on internal box

211.211.211.210 http 192.168.1.2 http
211.211.211.210 https 192.168.1.2 https

and http/https requests from internet to internal box work fine (i had remove reverse lookup)

the problem is as follows

I can't make any requests from internal box to the internet. packets seem to leave but never get back.
the dafault route on internal box is 192.168.1.1

what do i need to do to get this to work as masquerading and SNAT don't seem to solve my problem, unless I've missed something

thanks

Emma ^..^

This thread was automatically locked due to age.

0 tom_01 over 23 years ago

hi emma,

you must

1. masquerade 192.168.1.0/255.255.255.0 on eth0 of the ASL
2. add a packet filter rule to allow 192.168.1.2 to get out.

then it MUST work

/tom
Cancel
Vote Up 0 Vote Down

Cancel
0 Emma_01 over 23 years ago in reply to tom_01

many thanks Tom, that worked

Emma ^..^
Cancel
Vote Up 0 Vote Down

Cancel