> We were correct in that when I removed the extra IP from the interface > it solved the initial problems at least partially. I can now ping eth1 > and eth2 on the lrp but not eth0. In other words both subnets can ping > the others interface on the router but not past it to the rest of the > subnet. If the DMZ (192.168.10.1) can see the interface at 192.168.1.254 > (eth1on lrp) shouldn't the router handle the rest of the routing? > As well as out to the internet? The route command on the DMZ shows:
A bit of background... The default dachstein firewall scripts will NOT route traffic between interfaces unless EXPLICITLY told to do so. If you simply add a third (or fourth, or fifth...) interface, it will come up, and the router will be able to ping devices on the new network, but NO TRAFFIC will be forwarded between this new interface and other interfaces without properly setting up the firewall rules (ie making the new interface a DMZ or additional internal net) or creating some custom firewall rules in one of the /etc/ipchains.* files. NOTE: If you add your new interface to the list of internal networks, systems on the new network will be able to see the internet, but systems on different internal networks will NOT be able to communicate with each other, unless you add explicit rules to /etc/ipchains.forward to allow this. It sounds like you're to the point where everything is setup except systems on your new DMZ interface cannot talk to the internet or to systems on your internal net. If you properly configure the DMZ settings (probably for a port-forwarded DMZ), everything should begin to work. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
