Richard Fantini
2003-Feb-14 08:17 UTC
[Shorewall-users] Shorewall on MNF using heartbeat for aliased gateway
I''m not exactly sure if this is a shorewall issue, if it''s not I apologize... you''ll have to excuse me, I''m rather limited in my Linux experience. Ok... I have two firewalls running Mandrake MNF set up for HA using Heartbeat. Each firewall has three nics, Internet, DMZ and LAN. For illustration purposes, the networks will be 209.112.57.0/24 (Internet) 192.9.201.0/24 (DMZ) and 192.9.200.0/24 (LAN). So firewall 1 has eth2 209.112.57.2 eth1 192.9.201.1 eth0 192.9.200.1 and firewall 2 has eth2 209.112.57.3 eth1 192.9.201.2 eth0 192.9.200.2 The shared addresses are eth2:0 209.112.57.4 eth1:0 192.9.201.3 eth0:0 192.9.200.3 They heartbeat over each interface and a serial link, and everything is working fine. The problem is, I''m not sure if how to get the shared 192.9.200.3 address to act as the gateway for the LAN. I have Masq set for 192.9.200.0/24 using eth2 on both firewalls, which works fine if I''m using 192.9.200.1 or 192.9.200.2 as my gateway, but not 192.9.200.3. I''m sure that this is just something silly I''m overlooking... like some route, or shorewall rule that I need to add... but like I said, I am not particulary familiar with Linux. Thanks in advance. -Rich
Richard Fantini
2003-Feb-14 08:49 UTC
[Shorewall-users] Shorewall on MNF using heartbeat for aliased gateway
Sorry about that last message... everything is working now. Seems that one of the cheap switches I was using to test the machines wasn''t working properly. When I plugged everything into the rack units, it was fine. -Rich ----- Original Message ----- From: "Richard Fantini" <richard@fantini.com> To: <Shorewall-users@lists.shorewall.net> Sent: Friday, February 14, 2003 11:22 AM Subject: [Shorewall-users] Shorewall on MNF using heartbeat for aliased gateway I''m not exactly sure if this is a shorewall issue, if it''s not I apologize... you''ll have to excuse me, I''m rather limited in my Linux experience. Ok... I have two firewalls running Mandrake MNF set up for HA using Heartbeat. Each firewall has three nics, Internet, DMZ and LAN. For illustration purposes, the networks will be 209.112.57.0/24 (Internet) 192.9.201.0/24 (DMZ) and 192.9.200.0/24 (LAN). So firewall 1 has eth2 209.112.57.2 eth1 192.9.201.1 eth0 192.9.200.1 and firewall 2 has eth2 209.112.57.3 eth1 192.9.201.2 eth0 192.9.200.2 The shared addresses are eth2:0 209.112.57.4 eth1:0 192.9.201.3 eth0:0 192.9.200.3 They heartbeat over each interface and a serial link, and everything is working fine. The problem is, I''m not sure if how to get the shared 192.9.200.3 address to act as the gateway for the LAN. I have Masq set for 192.9.200.0/24 using eth2 on both firewalls, which works fine if I''m using 192.9.200.1 or 192.9.200.2 as my gateway, but not 192.9.200.3. I''m sure that this is just something silly I''m overlooking... like some route, or shorewall rule that I need to add... but like I said, I am not particulary familiar with Linux. Thanks in advance. -Rich _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.shorewall.net http://lists.shorewall.net/mailman/listinfo/shorewall-users