Topic: BLUE/GREEN Weirdness
sowley
« on: Wednesday 06 March 2013, 06:36:33 am »


I cannot figure this out.  I have used the intra-zone control panel to poke a hole through from Blue (network 192.168.70.0/23, blue is *70.1) to Green (network 10.0.0.0/16, Green is 10.0.0.47) for a specific server (10.0.1.159), so that our wireless network can reach a DNS server in Green.  We have a static route set up in the 10.* network's router so that its members know to use the Green interface on Endian for the Blue network access.

To make things easy I started out allowing <ANY> through to this server. I can tracert and ping from a PC in the Green network and reach a PC in Blue, as you would expect.  If I set up an SNAT that makes traffic from Blue look like the Green interface, then I can tracert or ping from the Blue PC to a Green one, but only if I do that and even then DNS is always blocked:

FORWARD:DROP UDP  (br2) 192.168.71.253:62856 -> 10.0.1.159:53 (eth2)

Some other sort of traffic gets through periodically, but I do not know what this is, and it would appear that the Zone rule is being applied in this case:

ZONEFW:ACCEPT:6:l3 UDP  (br2) 192.168.71.253:137 -> 10.0.1.159:137 (br0)

I also see this once in a while:

INPUTFW:DROP UDP  (br0) 10.0.1.159:67 -> 255.255.255.255:68

So, what am I doing wrong?  If I can just get Blue to talk to a few servers in Green I am all set.

Many Thanks!
sowley
« Reply #1 on: Wednesday 06 March 2013, 08:54:08 am »

Fixed it!  Thanks!

S.