Routing isn't an issue. If I turn off packet filtering (pfctl -d) everything works perfectly.
I turn it on... and I can get onto the firewall from my "full access" workstations outside of the network. I can't hit anything else in any networks while it's turned on, unless I comment out the "block all" statements at the end.

I did have a Linux firewall in its place. It worked great for the last few years. But I needed something that I could support IPSec on. Ran some tests.. and OpenBSD was the easiest and supported the most.

As for the 192.168.3.250...

[internet]---[openbsd]----[router]------[end user]

Between openbsd and router, I'm using 1918 addys.. I don't need to waste IP addresses on something that can use private and work just the same.

Oh.. and the link... http://www.iodamedia.net/pf.conf
Go grab it.. and tell me what I'm doing wrong!

-Shawn

> Do you have all routing set up correctly? Is the network that
> 192.168.3.250 is on in the same subnet as one of the firewall interfaces? Or is it a
> separate network?
> You'd need to add a route for it if it's separate.
> I had something funky happen with my routes at one point and had to re-add.
>
> Good luck
>
>> I enable it.. what happens.. I lose connectivity to all the networks. Nothing can see anything outside
>> of their network.
>> do a ping from the firewall, and you get:
>>
>> ping: sendto: No route to host
>> ping: wrote 192.168.3.250 64 chars, ret=-1
>>
>>
>> Anyone have any ideas?
