Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 2 subscribers
  • Views 748 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

priavte subnet not working

Bob M
I have set up one interface as 192.168.32:

eth4      Link encap:Ethernet  HWaddr 00:20:FC:1E:61:47  
          inet addr:192.168.128.33  Bcast:192.168.128.63  Mask:255.255.255.224
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1211 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          Interrupt:11 Base address:0x10c0 Memory:40700000-40700038 


I have enabled PINGing in the Packet Filters PING settings.

But I cannot ping the firewalll from a system on that subnet, nore can the firewall ping it:

k:/home/login # ping 192.168.128.44
PING 192.168.128.44 (192.168.128.44): 56 data bytes
ping: sendto: Operation not permitted
ping: wrote 192.168.128.44 64 chars, ret=-1

Can't access the interface for any traffic.  Oh I have an Any/Any/Any/Allow rule enabled.

Any ideas?

 


This thread was automatically locked due to age.
  • 0
    I just set up eth3 as:

    eth3      Link encap:Ethernet  HWaddr 00:20:FC:1E:61:46  
              inet addr:65.84.78.246  Bcast:65.84.78.247  Mask:255.255.255.248
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:143 errors:4 dropped:0 overruns:0 frame:4
              TX packets:45 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:100 
              Interrupt:11 Base address:0x1080 Memory:40600000-40600038 

    And it works just fine.  So there is something wrong with my private address setup....

     
  • 0
    Code:

    

    Hi,

    

    	Operation not permitted

    

    Means that you are not allowing ICMP packets to be able to pass through the firewall

    (ASL) to the interface of the network you are trying to reach. You need to compliment

    these limits with a Packet Filter rule!

    

    The options below control ICMP traffic from one interface through to another, and

    from the firewall console itself (respectively) through an interface.

    

    	ICMP-forward:

    	ICMP on firewall:

    

    If the options above are not set properly then you will see "Operation not permitted"

    as the error.

    

    If it were simply a missing Packet Filter rule, you would simply see 100% packet loss.

    

    

    Regards.

    kr8

    Code: