EFW Support

As you can see on the diagram i can ping the back office. But Backoffice cannot ping the mainoffice. But all ports is open backoffice can reach my mainoffice. Is there anyway to open icmp packets?

Can you please elaborate which host IP you are trying to ping and from which source host?

For example 10.45.1.5 my backoffice fileserver and the other backoffice client pc's cannot ping my main server which is ip address 192.168.5.2 and also mainoffice client pc's. But all protocol is working normally. They can reach my server rdp ports telnet smtp pop3 etc.

If there is a router in between and if you have routing enabled on it then your traffic won't passed to endian until a request for external network. I m confused as i can see you have a router between back office and main office? ??

Endian passed the traffic there is no problem. My ip rule as below. My problem is i cannot ping from the external net to the Green A network...

root@endian:~ # ip rule
0:      from all lookup local
10:     from all fwmark 0x10/0x7f8 lookup gateway-192.168.5.10
10:     from all to 10.45.1.0/24 lookup gateway-192.168.5.10
199:    from all fwmark 0x8/0x7f8 lookup uplink-main
200:    from 200.150.10.2 lookup uplink-main
32766:  from all lookup main
32767:  from all lookup default
root@endian:~ #

First create system access i.e firewall , that are you able to acess and ping endian firewall or not. From external and internal sources..

internal ping ok. system access rules looks good. But im unable to ping from the external net ???

Guys, i found the solution. The problem is on the iptables FORWARD chains. Just delete the rule number 7 and voila its just worked.

iptables -D FORWARD 7