/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */
you are right, all the Computers share the same Switch, we have 4 switch in cascade and the internet connection is on one of the switchs. You think that is the problem? what i want to do is to plug the internet connection to the firewall and to use NAT and port Forwarding. you think that with that my problems will disapear? thanks a lot Julian <http://www.ayi-asociados.com> Julian de Anquin Consultor Sarmiento 71 - 2o Piso of. 8 x5000EYA - Cordoba - Argentina (54-0351) 4254394 4242545 [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> www.ayi.asociados.com <http://www.ayi-asociados.com> -----Mensaje original----- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] nombre de Fuzzy Fox Enviado el: Jueves, 31 de Julio de 2003 09:30 p.m. Para: [EMAIL PROTECTED] Asunto: [Masq] Re: Problem /* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */ Julian Eduardo de Anquin <[EMAIL PROTECTED]> wrote: > > But on my firewall configuration y have > EXTIF="eth1" > INTIF="eth0" I understand that, and your firewall is doing what you've told it. If a packet comes in eth0, and leaves through eth1, then it is properly forwarded according to the rules. However, your rules do not specify what to do with traffic that comes in eth1 and leaves via eth1. So the firewall drops the packets. The real question is, why is internal traffic seen on eth1? Is this impossible in your setup? I mean, due to the cabling, there is absolutely, positively, no way for an internal host's packet to be seen on eth1? For instance, if you have all the computers, and the firewall, and the external ethernet connection, all connected together to the same hub, it might be somehow possible for one of the computers to send a packet to the wrong interface on the firewall. This will confuse it. I can't think of a way that a packet from an internal network can arrive on an external interface, unless you have some funny cabling, or something. It seems quite impossible. Perhaps you could share some information about how your systems are cabled together. -- [EMAIL PROTECTED] (Fuzzy Fox) || "Good judgment comes from experience. sometimes known as David DeSimone || Experience comes from bad judgment." _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list. _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
