Yes that's right Rule 0 is AntiSpoofing, I totally forgot. Brilliant!
I checked the antispoofing rules under the internal firewall interface.
I have specified under Valid Addresses: Others.
This group contains Internal_Net (with broadcast allowed),
InternalDHCPServer
with IP 255.255.255.255, and ExternalIPs (for NAT translation back to
internet).
It still doesn't work. Rule 0 is still blocking. Please note that
DHCP is NOT running on the firewall, separate machine with 10.0.0.4 address.
I set up InternalDHCPServer with an IP of 255.255.255.255. It seems like
maybe
this is not working because it is basing the spoofing on the source address
which is nothing, instead of the destination address 255.255.255.255.
Any other ideas?
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
