Ahhh, OK. I think I know what happened know. I went back and re-read my logs now that I know that's a PTF.... That traffic occurred after I had set up our internal network on the IP Pass Through Host/Network list but before I had set up the Pass Through Filters for that network.
Why would I have problems passing through a 192.168.0.x to a 10.0.0.x? I know these are non-routable addresses through the Internet, but since my GB's PSN interface is 10.0.0.1 and it's PRO interface is 192.168.0.1, it has all the routing information already known: These are the entries on the GB's Route Table: 10.0.0.0/24 xl2 UC 192.168.0.0/24 xl1 UC > -----Original Message----- > From: Ben Alexander [mailto:[EMAIL PROTECTED] > Sent: Monday, November 15, 2004 13:55 > To: Christopher A. Congdon > Subject: RE: [gb-users] Problems with workstation connections > > PTF is PassThroughFilter > > You need to make a rule to allow 53 UDP through, but you're going to > have problems with PassThrough on a 192.168.0.x to a 10.0.0.x > > > -----Original Message----- > From: Christopher A. Congdon [mailto:[EMAIL PROTECTED] > Sent: Monday, November 15, 2004 1:50 PM > To: [EMAIL PROTECTED] > Subject: RE: [gb-users] Problems with workstation connections > > OK, just to clear something up (Thanks to those of you who have sent > e-mails...but....) > > I do know that port 53 is a DNS request. And since it is targeted at a > DNS server it is expected...but... > > 1) What does Block PTF and flt_type=PTF mean? The only blocks I'm used > to seeing are RAF. > > 2) WHY would it block a DNS request to my DNS server, especially from > the PRO to the PSN? > > > > -----Original Message----- > > From: Christopher A. Congdon <[EMAIL PROTECTED]> > > To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> > > Sent: Mon Nov 15 19:18:04 2004 > > Subject: RE: [gb-users] Problems with workstation connections > > > > Also, can somebody tell me what this message means? > > > > Nov 15 13:11:45 pri=4 flt_type=PTF flt_action=block msg="Block PTF" > > proto=53/udp src=192.168.0.106 srcport=2308 dst=10.0.0.62 dstport=53 > > interface=xl1 > > > > 192.168.0.106 is Nelson's machine in my little dilemma. The 10.0.0.62 > is > > our secondary DNS server. > > > > ------------------------------------------------------ > > To unsubscribe: [EMAIL PROTECTED] > > For additional commands: [EMAIL PROTECTED] > > Archive: http://archives.gnatbox.com/gb-users/ > > ------------------------------------------------------ > To unsubscribe: [EMAIL PROTECTED] > For additional commands: [EMAIL PROTECTED] > Archive: http://archives.gnatbox.com/gb-users/ ------------------------------------------------------ To unsubscribe: [EMAIL PROTECTED] For additional commands: [EMAIL PROTECTED] Archive: http://archives.gnatbox.com/gb-users/
