I am having a problem getting to the DMZ zone from a different subnet:
internet-------Shorewall FW0---------10.1.0.0/22------cisco0----frame
relay---cisco1---10.0.3.0/24----Shorewall FW1---internet
|
192.168.45.1
1. from 10.0.3.X i can see all nodes on 10.1.0.0
2. before the 10.0.3.X had a direct connection to the internet it was using
the 10.1.0.0 FW to get to the internet
3. the 10.0.3.0 has a route for network 192.168.45.x to the router 10.1.0.0
4. from Shorewall FW1 I can ping cisco1
5. from cisco1 I cannot ping Shorwall FW0
6. from cisco0 I can ping Shorewall FW0
Do I have a routing problem or a shorwall problem?
Thanks
GEne TUttle
Tuttle, Gene wrote:> I am having a problem getting to the DMZ zone from a different subnet: > > internet-------Shorewall FW0---------10.1.0.0/22------cisco0----frame > relay---cisco1---10.0.3.0/24----Shorewall FW1---internet > | > 192.168.45.1Please send us ASCII art that isn''t folded into a pretzel by your mailer. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net