Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 2 subscribers
  • Views 966 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can't access host

villegente
Hi,

I have something very strange with my Astaro !

I have 2 Astaro (ASG1 and ASG2) linked by a VPN IPSec. ASG1 is connect to network1 and ASG2 to network2.
In ASG1 I have 1 rule saying "network2 -->any-->network1 allow". But one host (Host2) in network2 can't access to one server (Server1) in network1.

If I change my rule on ASG1 to : "Host2 -->any-->Server1 allow" all it's Ok. 

Do you see what is wrong with my first rule ?

    Regards,


This thread was automatically locked due to age.
Parents
  • 0
    Astaro doesn't tell you, but there's a "hidden" rule, 60001, that's evaluated after all of your PF rules, and it does exactly what your rule 38 does.

    That's interesting that the packet gets considered by your rule and doesn't get passed.  The only thing I can imagine is that the definition in ASG1 for Network2 isn't what you intended.

    Anyway, after finding a way to make it work, it's hard to justify spending much time on figuring out why the first solution didn't work.

    Cheers - Bob
Reply
  • 0
    Astaro doesn't tell you, but there's a "hidden" rule, 60001, that's evaluated after all of your PF rules, and it does exactly what your rule 38 does.

    That's interesting that the packet gets considered by your rule and doesn't get passed.  The only thing I can imagine is that the definition in ASG1 for Network2 isn't what you intended.

    Anyway, after finding a way to make it work, it's hard to justify spending much time on figuring out why the first solution didn't work.

    Cheers - Bob
Children
No Data