I am having hard time with issue that some of the DSL (ATT) are having
issues connecting to website behind my openbsd firewall. Now if I
switched it back to cisco asa , access works flawlessly.
Everyone including those on DSL(ATT) are able to access the website
(with cisco) but as soon as I put my Openbsd firewall website access
to SOME DSL (ATT) users stops working.
I troubleshooted the problem to be related to "scrubbing
(normalization of packets)".
So I tried couple of options in scrubbing rules: and got couple of
people experiencing the problem to work but there are few still
complaining that they can't access the site. I have tried this from
multiple different connections. Even with Verizon EVDO internet
access , people can't access the site. Its reallly weired and I have
been pulling my hair on this. I don't really want to put other
firewall in.
I would like to know what other people who are running openbsd as
firewall are using for scrubbing.
Here is what I used first time:
scrub in all
and then changed to
scrub in all no-df
scrub out all no-df
and got few of DSL users to see the site but then others still can't.
Verizon users can't either.
Any thoughts/help highly appreciated. I dont' want to go BALD :)
Thanks