I have not done this on EFW, but I have done it on my linux firewall systems I've built. So long as the two Green NICS have differing IP addresses, you should be able to ping them both. Try giving both eth0 and eth2 different IPs on the same subnet. Then turn off eth2. Ping eth0. Then flip and turn off eth0. Ping eth2. If both can be ping separately with differing IPs on the same subnet, it should work fine. You should then be able to turn both on and ping either IP. Though I should note that the route it will take will be that of going to the default route IP first normally. If the default route IP is that of eth0, then your traffic may go to eth0 then to eth2 then back. Do a few tests as I've stated above and let me know how it goes. I'll be happy to help you further if it still isn't working.
Daniel Moree Systems Analyst [re]defining ready 300 East College Avenue | Hartsville, SC 29550 phone: (843) 383-8186 | help desk: (843) 383-8323 Become a Fan! - http://www.facebook.com/cokercollege http://www.coker.edu | http://support.coker.edu On 02/10/2011 12:33 AM, CoryC wrote: > Been using EFW on small networks for years and looking into using it to > replace a couple of Cisco PIX 515E firewalls that are currently linked via > VPN on a larger 100 user network. I'm not overly familiar with Cisco and want > something more easily manageable. > > Using a vmware environment to test if EFW can meet the requirements before > investing in hardware. I need to be able to setup 4 different zones with VPN > links between some of the zones. I am trying to setup two different subnets > on Green using two different NICs. > > Needless to say it's not working so I'm reducing to a basic config with 3 > nics: 2 green (eth0& eth2) w/ 1 IP& 1 red (eth1) w/ 1 IP. I have an XP VM > that can ping the green IP when it is attached to the same virtual switch as > eth0 but can not ping the green IP when it attached to the same virtual > switch as eth2. > > If I remove eth0 from the green zone then the VM can ping the green IP from > the eth2 switch. As soon as I re-add eth0 to the green zone I'm no longer > able to ping the green IP via the eth2 switch but can the eth0 switch. > > Next step will be to take a computer, a laptop,& a crossover cable for my > testing but before I do I wanted to know if anybody else had tried this yet > on 2.4.1 and confirmed that it worked right. > > > ------------------------------------------------------------------------------ > The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: > Pinpoint memory and threading errors before they happen. > Find and fix more than 250 security defects in the development cycle. > Locate bottlenecks in serial and parallel code that limit performance. > http://p.sf.net/sfu/intel-dev2devfeb > _______________________________________________ > Efw-user mailing list > Efw-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/efw-user Confidentiality Note The information contained in this email message is being transmitted to and is intended only for the use of the individual named above. If the reader of this message is not the intended recipient, you are hereby advised that any dissemination, distribution or copy of this email is strictly prohibited. If you have received this email in error, please immediately notify us by telephone or email and delete this email message. ------------------------------------------------------------------------------ The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: Pinpoint memory and threading errors before they happen. Find and fix more than 250 security defects in the development cycle. Locate bottlenecks in serial and parallel code that limit performance. http://p.sf.net/sfu/intel-dev2devfeb _______________________________________________ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
