Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 2 subscribers
  • Views 843 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Two network Segements - Packet filter - not closed

BoBoeBoe
I have an ASL with 3 nics
eth0 (192.168.0.10) - internal_
eth1 (internet ip_address) - external_
eth2 (192.168.1.10) - internal_wireless_
The latter one is connected to a wireless router!

Now I want both local networks to be able to access the internet but I don't want to allow them to see each other. However my packet rules don't seem to work. I can still ping from network one 192.168.1.xxx to 192.168.0.xxx 

Could anyone explain where I go wrong? and how to resolve this issue

My NAT/Masquerading rules look like:
InternetMask Internal_Network__ -> Any / Any MASQ_external None
InternetMask Internal_wireless_Network__ -> Any / Any MASQ_external None

My packet filter rules look like:
internal_wireless_network__ any internal_network__ reject
internal_network__ any any allow
internal_wireless_network__ any any allow

A single remark remains the network behind the wireless router has an ip number in the range 192.168.123.xxx. From there one also sees the internal_network
  


This thread was automatically locked due to age.
Parents
  • 0
    In WebAdmin: Packet Filter -> ICMP, is the ICMP forwarding turned on? That would explain why you can still ping but you should not be able to do anything else according to your packet filter rules. 
Reply
  • 0
    In WebAdmin: Packet Filter -> ICMP, is the ICMP forwarding turned on? That would explain why you can still ping but you should not be able to do anything else according to your packet filter rules. 
Children