All my addressing for this problem are public addresses. For discussion
we will use 65.65.65.0/29 as the network mask for Interface Int.
My gateway's address is 65.65.65.1.
There are two internal firewalls on this network, 65.65.56.2 and
65.65.65.3, both have their default route set as 65.65.65.1. Both
internal firewalls can get out on the net and can access the gateway.
Neither can access the other. What the gateway needs to do is respond
with ICMP redirect messages for any datagram it receives from one
internal firewall for the other (or any of the address ranges behind
each firewall).
What do I do to get ICMP redirects working?
Here are my files:

zones:
    fw      firewall
    Int     ipv4        #
    Ext     ipv4        #

policy:
    all     fw      DROP    info
    fw      all     DROP    info
    Int     Ext     ACCEPT
    Ext     Int     ACCEPT

rules:
    ACCEPT  all     all     icmp
    ACCEPT  all     fw      tcp     724
    ACCEPT  all     fw      tcp     10000
    ACCEPT  Int     fw      tcp     5902:5903
    ACCEPT  Ext     fw      tcp     5902:5903

I would think that first rule would allow for ICMP redirects.
BTW, I do NOT want to run an internal routing protocol on this net,
static routes have always worked in the past (my speedstream did the
redirects when it functioned as the gateway).
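
Added example (not part of the original post, and not Shorewall or kernel code): a Python model of when a gateway generates the redirect described above, using the three conditions of RFC 1812 section 5.2.7.2. It assumes both firewalls sit inside 65.65.65.0/29 at .2 and .3; the networks behind them, everything about Ext, and the names lookup and redirect_for are constructed for illustration.

```python
import ipaddress

# Int's subnet and the firewall next hops follow the post; the networks behind
# each firewall and everything about Ext are constructed placeholders.
IFACE_NETS = {
    "Int": ipaddress.ip_network("65.65.65.0/29"),
    "Ext": ipaddress.ip_network("203.0.113.0/30"),
}
STATIC_ROUTES = [  # (destination, next hop or None if on-link, out interface)
    (ipaddress.ip_network("192.0.2.0/25"), ipaddress.ip_address("65.65.65.2"), "Int"),
    (ipaddress.ip_network("192.0.2.128/25"), ipaddress.ip_address("65.65.65.3"), "Int"),
    (IFACE_NETS["Int"], None, "Int"),
    (IFACE_NETS["Ext"], None, "Ext"),
    (ipaddress.ip_network("0.0.0.0/0"), ipaddress.ip_address("203.0.113.1"), "Ext"),
]


def lookup(dst):
    """Longest-prefix match; returns (next_hop, out_iface) for dst."""
    dst = ipaddress.ip_address(dst)
    net, hop, iface = max((r for r in STATIC_ROUTES if dst in r[0]),
                          key=lambda r: r[0].prefixlen)
    # An on-link destination is its own next hop.
    return (hop if hop is not None else dst), iface


def redirect_for(src, dst, in_iface, source_routed=False):
    """Return the better first hop to advertise in an ICMP redirect, or None.

    Applies the three conditions of RFC 1812 section 5.2.7.2.
    """
    next_hop, out_iface = lookup(dst)
    if out_iface != in_iface:          # 1. must leave by the arrival interface
        return None
    subnet = IFACE_NETS[in_iface]
    if ipaddress.ip_address(src) not in subnet or next_hop not in subnet:
        return None                    # 2. sender and next hop share the subnet
    if source_routed:                  # 3. no IP source route option
        return None
    return str(next_hop)
```

In this model a datagram from 65.65.65.2 for a network routed via 65.65.65.3 yields a redirect naming 65.65.65.3, while a datagram whose source is an untranslated address behind a firewall yields none, because that sender is not on the gateway's subnet.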