Hi all,
I have a problem that I am hoping someone can help with. One of my ASG (7.305) machines has a problem after a restart.
I have an external interface, an internal interface and a DMZ interface.
I have a masquerade rule for the internal and DMZ interfaces and a whole bunch of NAT rules for various IPs and services. One of the servers in the DMZ runs Nagios and monitors a number of hosts out on the internet.
After a recent UPS failure, when I restarted the firewall all seemed OK, with traffic coming in and out of the firewall fine, except ICMP. I could not ping or traceroute to anything outside of the firewall. I could ping between the DMZ and the internal interfaces, just not the internet.
I tried deleting and recreating the DNAT/SNAT rules, but this had no effect. In the end, I disabled all the masq rules and ICMP started to work. I re-enabled the masq rules and everything still works.
I am assuming that I have something configured wrongly for this to happen, but I cannot see anything that is wrong. The firewall is working perfectly, apart from this one issue.
Has anyone seen anything like this before, or have any idea what I have done to cause it?
Thanks