Hi, i have one firewall/gateway server with two interfaces and a routing problem (?). eth0: external interface eth1: internal interface. Both ip address are valid. Services like DNS, HTTP is configured to run using eth1 ip address. The problem is when i try to connect from internet to firewall, i can´t see eth1 ip address... only eth0 ip address. So, when i try to connect to web server or transfer zones to slaves DNS servers, the connection fails (they cannot see eth1). Nothing that runs in eth1 ip address works for people outside my local network. My local network is working fine, because can see eth1, and has a masquerade rule to make transparent proxy. If i´m connected to firewall, i can see everything. I disabled all firewall rules to make tests... no results. Anyone can help me to find where is the problem? I think it´s a routing problem, but i don´t know where it is... Thanks in advance, Pereira _________________________________________________________ Voce quer um iGMail protegido contra vírus e spams? Clique aqui: http://www.igmailseguro.ig.com.br Ofertas imperdíveis! Link: http://www.americanas.com.br/ig/ _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Of course. IP_FORWARDING is enable for a long time. Pereira. Em 6 Apr 2004, huffo@ig.com.br escreveu:>Hi, >i have one firewall/gateway server with two interfaces and a routing >problem (?). > >eth0: external interface >eth1: internal interface. Both ip address are valid. > >Services like DNS, HTTP is configured to run using eth1 ip address. > >The problem is when i try to connect from internet to firewall, i can´t see >eth1 ip address... only eth0 ip address. > >So, when i try to connect to web server or transfer zones to slaves DNS >servers, the connection fails (they cannot see eth1). Nothing that runs in >eth1 ip address works for people outside my local network. > >My local network is working fine, because can see eth1, and has amasquerade>rule to make transparent proxy. > >If i´m connected to firewall, i can see everything. > >I disabled all firewall rules to make tests... no results. > >Anyone can help me to find where is the problem? I think it´s a routing >problem, but i don´t know where it is... > >Thanks in advance, >Pereira > >_________________________________________________________ >Voce quer um iGMail protegido contra vírus e spams? >Clique aqui: http://www.igmailseguro.ig.com.br >Ofertas imperdíveis! Link: http://www.americanas.com.br/ig/ > >_______________________________________________ >LARTC mailing list / LARTC@mailman.ds9a.nl >http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > >----------_________________________________________________________ Voce quer um iGMail protegido contra vírus e spams? Clique aqui: http://www.igmailseguro.ig.com.br Ofertas imperdíveis! Link: http://www.americanas.com.br/ig/ _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi Pereira,> i have one firewall/gateway server with two interfaces and a routing > problem (?). > > eth0: external interface > eth1: internal interface. Both ip address are valid. > Anyone can help me to find where is the problem? I think it´s a routing > problem, but i don´t know where it is...Has your ISP placed routing entries for eth1 IP via eth0 IP ? Are they on the same subnets ? If you do a traceroute from the internet, you should see your hops hit eth0 (and then if everything was working, hit eth1) > Of course. IP_FORWARDING is enable for a long time. I assume you''ve also turned it on in /proc/sys/net/ipv4/ip_forward ? -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Damion de Soto - Software Engineer email: damion@snapgear.com SnapGear - A CyberGuard Company --- ph: +61 7 3435 2809 | Custom Embedded Solutions fax: +61 7 3891 3630 | and Security Appliances web: http://www.snapgear.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --- Free Embedded Linux Distro at http://www.snapgear.org --- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
I installed gated to resolve my routing problem. It wa s a RIP problem. Thanks a lot, Mauricio. Em 07 Apr 2004, Damion de Soto escreveu:>Hi Pereira, >> i have one firewall/gateway server with two interfaces and a routing >> problem (?). >> >> eth0: external interface >> eth1: internal interface. Both ip address are valid. >> Anyone can help me to find where is the problem? I think it´s a routing >> problem, but i don´t know where it is... > >Has your ISP placed routing entries for eth1 IP via eth0 IP ? >Are they on the same subnets ? >If you do a traceroute from the internet, you should see your hops hit eth0 >(and then if everything was working, hit eth1) > > > Of course. IP_FORWARDING is enable for a long time. >I assume you''ve also turned it on in /proc/sys/net/ipv4/ip_forward ? > >-- >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >Damion de Soto - Software Engineer email: damion@snapgear.com >SnapGear - A CyberGuard Company --- ph: +61 7 3435 2809 > | Custom Embedded Solutions fax: +61 7 3891 3630 > | and Security Appliances web: http://www.snapgear.com >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > --- Free Embedded Linux Distro at http://www.snapgear.org --- > >_______________________________________________ >LARTC mailing list / LARTC@mailman.ds9a.nl >http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > >----------_________________________________________________________ Voce quer um iGMail protegido contra vírus e spams? Clique aqui: http://www.igmailseguro.ig.com.br Ofertas imperdíveis! Link: http://www.americanas.com.br/ig/ _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Anyone knows a pdf, text, html that explains how /etc/gateway, or gated.conf works? I installed gated, configured rip1 and now is working, but i want to know everything about... Thanks any help, _________________________________________________________ Voce quer um iGMail protegido contra vírus e spams? Clique aqui: http://www.igmailseguro.ig.com.br Ofertas imperdíveis! Link: http://www.americanas.com.br/ig/ _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/