[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Very Annoying problem... blocks everything...



Only on the dc0 interface.  the 192.168.3.0/24 block is on the dc1 interface.
The dc0 interface goes to the internet... I don't want/need to send anything from 192.168/16 to the internet
since their 1918 addys...
-Shawn
>
>
>
>
>> Do you have all routing set up correctly?  Is the network that
>> 192.168.3.250 is on in the same subnet as one of the firewall
> interfaces? Or is it a separate network?
>> You'd need to add a route for it if it's separate.
>> I had something funky happen with my routes at one point and had to
> re-add.
>>
>> Good luck
>>
>>> I enable it.. what happens.. I loose connectivity to all the
> networks.  Nothing can see anything outside
>>> of their network.
>>> do a ping from the firewall, and you get:
>>>
>>> ping: sendto: No route to host
>>> ping: wrote 192.168.3.250 64 chars, ret=-1
>>>
>>>
>>> Anyone have any ideas?
>
> block in   log  quick on dc0 inet  from { 172.16.0.0/12 , 192.168.0.0/16
>
> the 192.168.3.250 is included in this rules ?