subject:"RE\: Quick Routing Question"

RE: Quick Routing Question

2005-11-01 Thread Steve Bertrand

 
> Bingo, it was the static route. The wireless router didn't 
> like getting connection attempts from 10.0.0.0 addresses. 
> Turns out, the FreeBSD machine was operating as advertised. 
> Now it's time to get IPSEC set up.
>

Awesome :)

You have any q's in your new venture that aren't related to FBSD
directly, email me at [EMAIL PROTECTED], if they are IPSec
questions via implementation with FBSD directly, hit me and the list.

BTW..FBSD always works as advertised. It's seeking out the other nagging
issues using FBSD as your test platform that usually seeks them out ;)

Keep up the good work. You seem to have built a reasonable understanding
of routing. I hope that you've actually understood/learned something
from all this. I think you have.

I'd say, if you have an extra nic, add a new 172.16/16 subnet in the
mix, and see if you can get that to work too. Either way, move on with
IPSec, and you'll have one nice, strong, segmented, subnetted, secure
wireless and cabled infrastructure, right in your own home!!

After you get IPSec working, we'll get you onto IPFW, and FW tweaking ;)

Steve

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Quick Routing Question

2005-11-01 Thread Jason Morgan

On Tue, Nov 01, 2005 at 07:49:54PM -0500, Steve Bertrand wrote:
> > -Original Message-
> > From: [EMAIL PROTECTED] 
> > [mailto:[EMAIL PROTECTED] On Behalf Of Jason Morgan
> > Sent: Tuesday, November 01, 2005 6:47 PM
> > To: freebsd-questions@freebsd.org
> > Subject: Re: Quick Routing Question
> > 
> > On Tue, Nov 01, 2005 at 03:10:44PM -0600, Eric F Crist wrote:
> > > 
> > > On Nov 1, 2005, at 11:15 AM, Jason Morgan wrote:
> > > >...
> > > >Ok, it looks like it was an issue with the default settings on the 
> > > >Linksys (and is still somewhat of an issue). I can now connect to 
> > > >systems in each of the two subnets and I also have routing to the 
> > > >outside world from both subnets. My only remaining issue 
> > is getting 
> > > >to the web app setup for the Linksys - I can only do it 
> > from a local 
> > > >address (meaning a 192.168.1.x address).  The Linksys refuses 
> > > >connections from my 10.0.0.x subnet. Is this a NAT issue?
> > > >
> > > 
> > > Most Linksys routers deny configuration from the WAN interface by 
> > > default.  You MUST configure the linksys router initially to enable 
> > > administration via the WAN interface.  At the very least, 
> > please set a 
> > > reasonable password and enable https!
> > 
> > Yeah, the router was denying connections from 10.0.0.0. I 
> > have fixed this, changed the password, and disallowed 
> > alterations from the WAN.
> 
> Great!
> 
> However, to the previous poster...
> 
> You may have missed it, but we had eliminated the WAN from the equation
> early on.
> 
> He is using the AP on the layer-2 side only. The WAN is connected to
> nothing, so that was not the issue (so far as I was involved in this
> thread).
> 
> I understand that the default on a Linksys does not allow WAN admin, but
> again, that was not the case here.
> 
> Jason...what fixed it? Was it the addition of the new static route? 
> 
> Please enlighten me.

Bingo, it was the static route. The wireless router didn't like getting 
connection attempts from 10.0.0.0 addresses. Turns out, the FreeBSD
machine was operating as advertised. Now it's time to get IPSEC set up.

Cheers,
Jason

> 
> Tks,
> 
> Steve
> 
> > 
> > Once again, thanks everyone for the help.
> > 
> > > 
> > > -
> > > Eric F Crist
> > > Secure Computing Networks
> > > http://www.secure-computing.net
> > > 
> > > 
> > > 
> > ___
> > freebsd-questions@freebsd.org mailing list 
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to 
> > "[EMAIL PROTECTED]"
> > 
> 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Quick Routing Question

2005-11-01 Thread Steve Bertrand

 

> -Original Message-
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED] On Behalf Of Jason Morgan
> Sent: Tuesday, November 01, 2005 6:47 PM
> To: freebsd-questions@freebsd.org
> Subject: Re: Quick Routing Question
> 
> On Tue, Nov 01, 2005 at 03:10:44PM -0600, Eric F Crist wrote:
> > 
> > On Nov 1, 2005, at 11:15 AM, Jason Morgan wrote:
> > >...
> > >Ok, it looks like it was an issue with the default settings on the 
> > >Linksys (and is still somewhat of an issue). I can now connect to 
> > >systems in each of the two subnets and I also have routing to the 
> > >outside world from both subnets. My only remaining issue 
> is getting 
> > >to the web app setup for the Linksys - I can only do it 
> from a local 
> > >address (meaning a 192.168.1.x address).  The Linksys refuses 
> > >connections from my 10.0.0.x subnet. Is this a NAT issue?
> > >
> > 
> > Most Linksys routers deny configuration from the WAN interface by 
> > default.  You MUST configure the linksys router initially to enable 
> > administration via the WAN interface.  At the very least, 
> please set a 
> > reasonable password and enable https!
> 
> Yeah, the router was denying connections from 10.0.0.0. I 
> have fixed this, changed the password, and disallowed 
> alterations from the WAN.

Great!

However, to the previous poster...

You may have missed it, but we had eliminated the WAN from the equation
early on.

He is using the AP on the layer-2 side only. The WAN is connected to
nothing, so that was not the issue (so far as I was involved in this
thread).

I understand that the default on a Linksys does not allow WAN admin, but
again, that was not the case here.

Jason...what fixed it? Was it the addition of the new static route? 

Please enlighten me.

Tks,

Steve

> 
> Once again, thanks everyone for the help.
> 
> > 
> > -
> > Eric F Crist
> > Secure Computing Networks
> > http://www.secure-computing.net
> > 
> > 
> > 
> ___
> freebsd-questions@freebsd.org mailing list 
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to 
> "[EMAIL PROTECTED]"
> 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Quick Routing Question

2005-11-01 Thread Jason Morgan

On Tue, Nov 01, 2005 at 03:10:44PM -0600, Eric F Crist wrote:
> 
> On Nov 1, 2005, at 11:15 AM, Jason Morgan wrote:
> >...
> >Ok, it looks like it was an issue with the default settings on the
> >Linksys (and is still somewhat of an issue). I can now connect to
> >systems in each of the two subnets and I also have routing to the
> >outside world from both subnets. My only remaining issue is getting to
> >the web app setup for the Linksys - I can only do it from a local
> >address (meaning a 192.168.1.x address).  The Linksys refuses
> >connections from my 10.0.0.x subnet. Is this a NAT issue?
> >
> 
> Most Linksys routers deny configuration from the WAN interface by  
> default.  You MUST configure the linksys router initially to enable  
> administration via the WAN interface.  At the very least, please set  
> a reasonable password and enable https!

Yeah, the router was denying connections from 10.0.0.0. I have fixed 
this, changed the password, and disallowed alterations from the WAN.

Once again, thanks everyone for the help.

> 
> -
> Eric F Crist
> Secure Computing Networks
> http://www.secure-computing.net
> 
> 
> 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Quick Routing Question

2005-11-01 Thread Eric F Crist



On Nov 1, 2005, at 11:15 AM, Jason Morgan wrote:

...
Ok, it looks like it was an issue with the default settings on the
Linksys (and is still somewhat of an issue). I can now connect to
systems in each of the two subnets and I also have routing to the
outside world from both subnets. My only remaining issue is getting to
the web app setup for the Linksys - I can only do it from a local
address (meaning a 192.168.1.x address).  The Linksys refuses
connections from my 10.0.0.x subnet. Is this a NAT issue?



Most Linksys routers deny configuration from the WAN interface by  
default.  You MUST configure the linksys router initially to enable  
administration via the WAN interface.  At the very least, please set  
a reasonable password and enable https!


-
Eric F Crist
Secure Computing Networks
http://www.secure-computing.net



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Quick Routing Question

2005-11-01 Thread Steve Bertrand

> I never explicity set the FreeBSD machine to enable NAT 
> between these subnets. Should I do so? Do I just add another 
> natd_interface to rc.conf?

You do not want to do this. The below config in rc.conf is correct. It
states that nat will only be enabled for the external interface, for
both subnets. There is no need to nat between your two internal subnets.

Steve

> 
> Right now, the NAT related entries in rc.conf on the gateway look like
> this:
> 
> natd_enable="YES"
> natd_interface="xl0"  #public interface
> natd_flags="-dynamic -m"
> 
> Thanks again,
> Jason
> 
> > 
> > Fabian
> > --
> > http://www.fabiankeil.de/
> 
> 
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to 
> "[EMAIL PROTECTED]"
> 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Quick Routing Question

2005-11-01 Thread Jason Morgan

On Tue, Nov 01, 2005 at 12:42:27PM -0500, Steve Bertrand wrote:
> 
> > Ok, it looks like it was an issue with the default settings 
> > on the Linksys (and is still somewhat of an issue). I can now 
> > connect to systems in each of the two subnets and I also have 
> > routing to the outside world from both subnets. My only 
> > remaining issue is getting to the web app setup for the 
> > Linksys - I can only do it from a local address (meaning a 
> > 192.168.1.x address).  The Linksys refuses connections from 
> > my 10.0.0.x subnet. Is this a NAT issue?
> 
> No, this is not a NAT issue.
> 
> You are not doing NAT in this situation (on exception through to the
> Internet)...the 10/24 and 192.168.1/24 subnets are routed (not NAT'd)
> through the FBSD box. They are communicating directly to one another,
> with no translation at all.
> 
> The problem here (my opinion only), is that the Linksys sees the 10.x
> address and is not familiar with it (unless explicitly told to do so).
> 
> What you need to do, is set a static route inside the Linksys that
> states that 10.0.0.x/24 should be routed to 192.168.1.2 (aka FBSD fw),
> out the LAN side of the device. Otherwise, what will happen is that the
> Linksys sees 10/24 as an *outside* address range, and it will forever
> trying to send it out it's WAN side, to it's default GW, even if there
> is not one configured.
> 
> The Linksys may try to give up searching for the 10 network because the
> only addresses it knows how to route through the LAN side will be the
> 192 network.
> 
> I hope I haven't confused you here. I've gotten quite busy so I'm typing
> faster tham I'm able to think :)
> 
> Anyway, it's been a while since I've played with a Linksys, but I am
> certain you can add static routes.
> 
> Again, what you want is a route that states:
> 
> - if it needs to go to 10.0.0.0, 255.255.255.0, send it to 192.168.1.2.

Got it. I'll try that. The Linksys does allow you to specify static 
routes.

-Jason

> 
> Now, one more thing...it may be possible that the Linksys interface may
> ONLY allow connection from it's own subnet, but you'll be able to
> enlighten me here :)
> 
> > Thanks again for all the help. tcpdump helped a lot.
> 
> No problem. I'm glad I could be of help.
> 
> Truly, what you are learning here is how the Internet as a whole works
> (as far as routing is concerned). The only difference is that you are
> playing with private IP address allocations, as opposed to public
> addresses.
> 
> Steve
> 
> > 
> > Jason
> > 
> > > 
> > > Cheers, and good luck!
> > > 
> > > Steve
> > > 
> > ___
> > freebsd-questions@freebsd.org mailing list 
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to 
> > "[EMAIL PROTECTED]"
> > 
> 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Quick Routing Question

2005-11-01 Thread Jason Morgan

On Tue, Nov 01, 2005 at 06:37:16PM +0100, Fabian Keil wrote:
> Jason Morgan <[EMAIL PROTECTED]> wrote:
> 
> > On Tue, Nov 01, 2005 at 11:24:59AM -0500, Steve Bertrand wrote:
>  
> > > And again, tcpdump is a very good tool. The -i switch tells it what
> > > interface to listen on, so if the wireless side of the router works
> > > but you can't ping across to the cabled side, then apply the cabled
> > > interface to the -i switch and you'll be able to see if traffic is
> > > making that far, and if it is, if it's even attempting to go back.
> > 
> > Ok, it looks like it was an issue with the default settings on the 
> > Linksys (and is still somewhat of an issue). I can now connect to 
> > systems in each of the two subnets and I also have routing to the 
> > outside world from both subnets. My only remaining issue is getting
> > to the web app setup for the Linksys - I can only do it from a local 
> > address (meaning a 192.168.1.x address).  The Linksys refuses 
> > connections from my 10.0.0.x subnet. Is this a NAT issue?
> 
> Do you have NAT enabled between 192.168.1.0 and 10.0.0.0?
> If you do, the Linksys shouldn't see any 10.0.0.x addresses.
> 
> If you don't, this is probably a security measure.
> Perhaps the Linksys supports a white list to
> allow access from non-local addresses.

I never explicity set the FreeBSD machine to enable NAT between these 
subnets. Should I do so? Do I just add another natd_interface to 
rc.conf?

Right now, the NAT related entries in rc.conf on the gateway look like
this:

natd_enable="YES"
natd_interface="xl0"  #public interface
natd_flags="-dynamic -m"

Thanks again,
Jason

> 
> Fabian
> -- 
> http://www.fabiankeil.de/


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Quick Routing Question

2005-11-01 Thread Steve Bertrand


> Ok, it looks like it was an issue with the default settings 
> on the Linksys (and is still somewhat of an issue). I can now 
> connect to systems in each of the two subnets and I also have 
> routing to the outside world from both subnets. My only 
> remaining issue is getting to the web app setup for the 
> Linksys - I can only do it from a local address (meaning a 
> 192.168.1.x address).  The Linksys refuses connections from 
> my 10.0.0.x subnet. Is this a NAT issue?

No, this is not a NAT issue.

You are not doing NAT in this situation (on exception through to the
Internet)...the 10/24 and 192.168.1/24 subnets are routed (not NAT'd)
through the FBSD box. They are communicating directly to one another,
with no translation at all.

The problem here (my opinion only), is that the Linksys sees the 10.x
address and is not familiar with it (unless explicitly told to do so).

What you need to do, is set a static route inside the Linksys that
states that 10.0.0.x/24 should be routed to 192.168.1.2 (aka FBSD fw),
out the LAN side of the device. Otherwise, what will happen is that the
Linksys sees 10/24 as an *outside* address range, and it will forever
trying to send it out it's WAN side, to it's default GW, even if there
is not one configured.

The Linksys may try to give up searching for the 10 network because the
only addresses it knows how to route through the LAN side will be the
192 network.

I hope I haven't confused you here. I've gotten quite busy so I'm typing
faster tham I'm able to think :)

Anyway, it's been a while since I've played with a Linksys, but I am
certain you can add static routes.

Again, what you want is a route that states:

- if it needs to go to 10.0.0.0, 255.255.255.0, send it to 192.168.1.2.

Now, one more thing...it may be possible that the Linksys interface may
ONLY allow connection from it's own subnet, but you'll be able to
enlighten me here :)

> Thanks again for all the help. tcpdump helped a lot.

No problem. I'm glad I could be of help.

Truly, what you are learning here is how the Internet as a whole works
(as far as routing is concerned). The only difference is that you are
playing with private IP address allocations, as opposed to public
addresses.

Steve

> 
> Jason
> 
> > 
> > Cheers, and good luck!
> > 
> > Steve
> > 
> ___
> freebsd-questions@freebsd.org mailing list 
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to 
> "[EMAIL PROTECTED]"
> 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Quick Routing Question

2005-11-01 Thread Fabian Keil

Jason Morgan <[EMAIL PROTECTED]> wrote:

> On Tue, Nov 01, 2005 at 11:24:59AM -0500, Steve Bertrand wrote:
 
> > And again, tcpdump is a very good tool. The -i switch tells it what
> > interface to listen on, so if the wireless side of the router works
> > but you can't ping across to the cabled side, then apply the cabled
> > interface to the -i switch and you'll be able to see if traffic is
> > making that far, and if it is, if it's even attempting to go back.
> 
> Ok, it looks like it was an issue with the default settings on the 
> Linksys (and is still somewhat of an issue). I can now connect to 
> systems in each of the two subnets and I also have routing to the 
> outside world from both subnets. My only remaining issue is getting
> to the web app setup for the Linksys - I can only do it from a local 
> address (meaning a 192.168.1.x address).  The Linksys refuses 
> connections from my 10.0.0.x subnet. Is this a NAT issue?

Do you have NAT enabled between 192.168.1.0 and 10.0.0.0?
If you do, the Linksys shouldn't see any 10.0.0.x addresses.

If you don't, this is probably a security measure.
Perhaps the Linksys supports a white list to
allow access from non-local addresses.

Fabian
-- 
http://www.fabiankeil.de/


pgpYrvJUyBRPy.pgp
Description: PGP signature

Re: Quick Routing Question

2005-11-01 Thread Jason Morgan

On Tue, Nov 01, 2005 at 11:24:59AM -0500, Steve Bertrand wrote:
>  
> 
> > -Original Message-
> > From: [EMAIL PROTECTED] 
> > [mailto:[EMAIL PROTECTED] On Behalf Of Jason Morgan
> > Sent: Tuesday, November 01, 2005 11:03 AM
> > To: FreeBSD Questions
> > Subject: Re: Quick Routing Question
> > 
> > On Tue, Nov 01, 2005 at 10:25:25AM -0500, Steve Bertrand wrote:
> > > 
> > > > DestinationGatewayFlagsRefs  
> > Use  Netif 
> > > > Expire
> > > > default70.183.13.193  UGS 0
> > 24701xl0
> > > > 10/24  link#3 UC  0   
> >  0   fxp0
> > > > 10.0.0.1   00:d0:b7:44:f9:c6  UHLW0  
> > 903lo0
> > > > 10.0.0.2   00:50:8d:e5:a5:41  UHLW0   322468  
> > > >  fxp0572
> > > > 10.0.0.4   00:e0:98:04:01:f6  UHLW0 1131  
> > > >  fxp0   1140
> > > > 70.183.13.192/26   link#2 UC  0   
> >  0xl0
> > > > 70.183.13.193  00:13:5f:00:f0:ee  UHLW10  
> > > >   xl0   1188
> > > > 70.183.13.213  00:50:04:cf:52:8a  UHLW0   
> > 18lo0
> > > > 127.0.0.1  127.0.0.1  UH  0   
> >  0lo0
> > > > 192.168.1  link#1 UC  0   
> >  0dc0
> > > 
> > > Ok, this looks ok. The 10/24 network *should* be able to see/route 
> > > anything back and forth to the 192.168.1/24 network without 
> > difficulty.
> > > 
> > > Now, I can't remember if you said how this was cabled, but 
> > this is how 
> > > I set up my wifi networks:
> > > 
> > > - plug the wireless network interface in the FBSD router 
> > into one of 
> > > the LAN switch ports on the wireless AP/router (if indeed 
> > it is a router).
> > > The IP address on the LAN side of the AP is irrelevant, so 
> > long as you 
> > > don't conflict with another IP.
> > 
> > Yes, that's what I've done.
> > 
> > > - Give the wireless laptop a static IP inside the wireless IP subnet
> > 
> > As soon as I can get the Linksys set up, I will.
> > 
> > > - Have nothing plugged into the WAN side of the wireless AP, as you 
> > > don't want routing with that unit, you just want a layer-2
> > > (bridged/switched) AP.
> > 
> > Correct.
> > 
> > > - effectively, if you have wireless connectivity from the laptop to 
> > > the AP, you should be able to ping the FW, and vice-versa
> > 
> > Checking to make sure the wireless router is routing now, but 
> > I can ping from the FreeBSD gateway to the router (as well as 
> > hit the web setup with lynx).
> 
> Ok, slick...you are more than half way there. Carry on with bringing
> over a client to the wireless side of things (even if it's just cabled
> into the Linksys for now), to see if you can get through the AP, to the
> router. Then proceed to try to ping the cabled iface of the FBSD box
> from said client. If you can do that, then try a wireless client, to
> ensure the problem doesn't stem from wifi connectivity.
> 
> And again, tcpdump is a very good tool. The -i switch tells it what
> interface to listen on, so if the wireless side of the router works but
> you can't ping across to the cabled side, then apply the cabled
> interface to the -i switch and you'll be able to see if traffic is
> making that far, and if it is, if it's even attempting to go back.

Ok, it looks like it was an issue with the default settings on the 
Linksys (and is still somewhat of an issue). I can now connect to 
systems in each of the two subnets and I also have routing to the 
outside world from both subnets. My only remaining issue is getting to 
the web app setup for the Linksys - I can only do it from a local 
address (meaning a 192.168.1.x address).  The Linksys refuses 
connections from my 10.0.0.x subnet. Is this a NAT issue?

Thanks again for all the help. tcpdump helped a lot.

Jason

> 
> Cheers, and good luck!
> 
> Steve
> 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Quick Routing Question

2005-11-01 Thread Steve Bertrand

 

> -Original Message-
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED] On Behalf Of Jason Morgan
> Sent: Tuesday, November 01, 2005 11:03 AM
> To: FreeBSD Questions
> Subject: Re: Quick Routing Question
> 
> On Tue, Nov 01, 2005 at 10:25:25AM -0500, Steve Bertrand wrote:
> > 
> > > DestinationGatewayFlagsRefs  
> Use  Netif 
> > > Expire
> > > default70.183.13.193  UGS 0
> 24701xl0
> > > 10/24  link#3 UC  0   
>  0   fxp0
> > > 10.0.0.1   00:d0:b7:44:f9:c6  UHLW0  
> 903lo0
> > > 10.0.0.2   00:50:8d:e5:a5:41  UHLW0   322468  
> > >  fxp0572
> > > 10.0.0.4   00:e0:98:04:01:f6  UHLW0 1131  
> > >  fxp0   1140
> > > 70.183.13.192/26   link#2 UC  0   
>  0xl0
> > > 70.183.13.193  00:13:5f:00:f0:ee  UHLW10  
> > >   xl0   1188
> > > 70.183.13.213  00:50:04:cf:52:8a  UHLW0   
> 18lo0
> > > 127.0.0.1  127.0.0.1  UH  0   
>  0lo0
> > > 192.168.1  link#1 UC  0   
>  0dc0
> > 
> > Ok, this looks ok. The 10/24 network *should* be able to see/route 
> > anything back and forth to the 192.168.1/24 network without 
> difficulty.
> > 
> > Now, I can't remember if you said how this was cabled, but 
> this is how 
> > I set up my wifi networks:
> > 
> > - plug the wireless network interface in the FBSD router 
> into one of 
> > the LAN switch ports on the wireless AP/router (if indeed 
> it is a router).
> > The IP address on the LAN side of the AP is irrelevant, so 
> long as you 
> > don't conflict with another IP.
> 
> Yes, that's what I've done.
> 
> > - Give the wireless laptop a static IP inside the wireless IP subnet
> 
> As soon as I can get the Linksys set up, I will.
> 
> > - Have nothing plugged into the WAN side of the wireless AP, as you 
> > don't want routing with that unit, you just want a layer-2
> > (bridged/switched) AP.
> 
> Correct.
> 
> > - effectively, if you have wireless connectivity from the laptop to 
> > the AP, you should be able to ping the FW, and vice-versa
> 
> Checking to make sure the wireless router is routing now, but 
> I can ping from the FreeBSD gateway to the router (as well as 
> hit the web setup with lynx).

Ok, slick...you are more than half way there. Carry on with bringing
over a client to the wireless side of things (even if it's just cabled
into the Linksys for now), to see if you can get through the AP, to the
router. Then proceed to try to ping the cabled iface of the FBSD box
from said client. If you can do that, then try a wireless client, to
ensure the problem doesn't stem from wifi connectivity.

And again, tcpdump is a very good tool. The -i switch tells it what
interface to listen on, so if the wireless side of the router works but
you can't ping across to the cabled side, then apply the cabled
interface to the -i switch and you'll be able to see if traffic is
making that far, and if it is, if it's even attempting to go back.

Cheers, and good luck!

Steve

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Quick Routing Question

2005-11-01 Thread Jason Morgan

On Tue, Nov 01, 2005 at 10:25:25AM -0500, Steve Bertrand wrote:
> 
> > DestinationGatewayFlagsRefs  Use  Netif 
> > Expire
> > default70.183.13.193  UGS 024701xl0
> > 10/24  link#3 UC  00   fxp0
> > 10.0.0.1   00:d0:b7:44:f9:c6  UHLW0  903lo0
> > 10.0.0.2   00:50:8d:e5:a5:41  UHLW0   322468  
> >  fxp0572
> > 10.0.0.4   00:e0:98:04:01:f6  UHLW0 1131  
> >  fxp0   1140
> > 70.183.13.192/26   link#2 UC  00xl0
> > 70.183.13.193  00:13:5f:00:f0:ee  UHLW10  
> >   xl0   1188
> > 70.183.13.213  00:50:04:cf:52:8a  UHLW0   18lo0
> > 127.0.0.1  127.0.0.1  UH  00lo0
> > 192.168.1  link#1 UC  00dc0
> 
> Ok, this looks ok. The 10/24 network *should* be able to see/route
> anything back and forth to the 192.168.1/24 network without difficulty.
> 
> Now, I can't remember if you said how this was cabled, but this is how I
> set up my wifi networks:
> 
> - plug the wireless network interface in the FBSD router into one of the
> LAN switch ports on the wireless AP/router (if indeed it is a router).
> The IP address on the LAN side of the AP is irrelevant, so long as you
> don't conflict with another IP. 

Yes, that's what I've done.

> - Give the wireless laptop a static IP inside the wireless IP subnet

As soon as I can get the Linksys set up, I will.

> - Have nothing plugged into the WAN side of the wireless AP, as you
> don't want routing with that unit, you just want a layer-2
> (bridged/switched) AP.

Correct.

> - effectively, if you have wireless connectivity from the laptop to the
> AP, you should be able to ping the FW, and vice-versa

Checking to make sure the wireless router is routing now, but I can ping 
from the FreeBSD gateway to the router (as well as hit the web setup 
with lynx).

> If it doesn't work, cable up the laptop to the LAN side of the AP,
> ensuring it has a proper IP in the wifi range, and then ping.
> 
> If all else fails, set up a round of say 100 pings from the laptop to
> the FBSD box, and on the FBSD box, do this:
> 
> # tcpdump -n -i fxp0
> 
> where fxp0 is the interface the AP is plugged into. This will show you
> first, if the pings are getting from the wifi subnet to the FBSD box,
> and also if they are being returned. Inbound pings but no outbound pings
> could indicate a deeper routing issue or FW issue. No inbound pings
> could indicate a problem with IP allocation or subnet issues.
> 
> tcpdump (1) is a great tool, and may even help further troubleshoot the
> issue.

Thanks for the suggestions. Never played with tcpdump before.

> 
> If you can ping from wifi to FBSD wifi interface, then push the scope of
> the test further, trying to ping the cabled side of the FBSD box.
> 
> let us know what you find, as the more detail we have after certain
> tests, will enable us to provide further recommendations. Also, an
> ifconfig output could help too, so long everything is all connected.

I'll move a client from the 'wired' side to the 'wireless' side here 
shortly. Thanks for the help.

-Jason


> Regards,
> 
> Steve
> 
> > 
> > Internet6:
> > Destination   Gateway  Flags 
> > Netif Expire
> > ::1   ::1  UH lo0
> > fe80::%dc0/64 link#1   UC dc0
> > fe80::204:5aff:fe42:5084%dc0  00:04:5a:42:50:84UHLlo0
> > fe80::%xl0/64 link#2   UC xl0
> > fe80::250:4ff:fecf:528a%xl0   00:50:04:cf:52:8aUHLlo0
> > fe80::%fxp0/64link#3   UC fxp0
> > fe80::2d0:b7ff:fe44:f9c6%fxp0 00:d0:b7:44:f9:c6UHLlo0
> > fe80::%lo0/64 fe80::1%lo0  U  lo0
> > fe80::1%lo0   link#4   UHLlo0
> > ff01::/32 ::1  U  lo0
> > ff02::%dc0/32 link#1   UC dc0
> > ff02::%xl0/32 link#2   UC xl0
> > ff02::%fxp0/32link#3   UC fxp0
> > ff02::%lo0/32 ::1  UC lo0
> > 
> > 
> > Also, made one small error in my initial post.  The wireless 
> > router has IP 192.168.1.1 and the server's 'wireless' 
> > interface is 192.168.1.2 (going to switch these as soon as I 
> > get access to the wireless router settings).
> > 
> > I've tried setting static routes between various interfaces 
> > on the FreeBSD machine, it hasn't worked, but I may be doing 
> > it wrong. I thought routed should take care of this 
> > dynamically, but I'm a bit unsure about that.
> > 
> > > 
> > > Steve
> > > 
> > > > 
> > > > Fabian
> > > > --
> > > > http://www.fabiankeil.de/
> > > > 
> > >

Re: Quick Routing Question

2005-11-01 Thread Jason Morgan

On Tue, Nov 01, 2005 at 07:03:26AM -0800, Brian E. Conklin wrote:
> Do you have gateway_enable="YES" in your rc.conf?

Yes, I do. The FreeBSD works fine for routing to the outside, it's 
between the subnets where I run into issues.


> 
> Brian E. Conklin, MCP+I, MCSE
> Director of Information Services
> Mason General Hospital
> http://www.masongeneral.com
> 
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Jason Morgan
> Sent: Monday, October 31, 2005 9:42 PM
> To: FreeBSD Questions
> Subject: Quick Routing Question
> 
> 
> I am setting up a wireless subnet and, while the gateway (FreeBSD
> system) is communicating fine with the wireless router, my other subnet
> is not able to connect to the wireless router. Here is a diagram of my
> network, I think it's fairly typical.
> 
> 
>  Wired Subnet (10.0.0.x)
> /
>/
> Internet <-- FreeBSD Machine 
>\
> \
>  Wireless Subnet (192.168.1.x)
> 
> 
> The 'wired' interface on the FreeBSD machine has an IP of 10.0.0.1, with 
> the 'wireless' IP being 192.168.1.1.  Now, the FreeBSD machine and the 
> wireless router (192.168.1.2) communicate fine as does the wired subnet; 
> however, I am not able to connect from a 10.0.0.x client to the wireless 
> router. After running traceroute, etc, it seems that the FreeBSD machine 
> is simply not routing the data from one subnet to the other. I've 
> verified that it's not the firewall blocking packets. How do I get these 
> subnets to communicate?
> 
> Thanks,
> Jason
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
> =
> Mason General Hospital
> 901 Mt. View Drive
> PO Box 1668
> Shelton, WA 98584
> http://www.masongeneral.com
> (360) 426-1611
> =
> This message is intended for the sole use of the individual and entity
> to whom it is addressed and may contain information that is privileged,
> confidential and exempt from disclosure under applicable law. If you
> are not the addressee nor authorized to receive for the addressee, you
> are hereby notified that you may not use, copy, disclose or distribute
> to anyone this message or any information contained in the message. If
> you have received this message in error, please immediately notify the
> sender and delete the message.
> 
> Replying to this message constitutes consent to electronic monitoring
> of this message.
> 
> Thank you.
> 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Quick Routing Question

2005-11-01 Thread Steve Bertrand


> DestinationGatewayFlagsRefs  Use  Netif 
> Expire
> default70.183.13.193  UGS 024701xl0
> 10/24  link#3 UC  00   fxp0
> 10.0.0.1   00:d0:b7:44:f9:c6  UHLW0  903lo0
> 10.0.0.2   00:50:8d:e5:a5:41  UHLW0   322468  
>  fxp0572
> 10.0.0.4   00:e0:98:04:01:f6  UHLW0 1131  
>  fxp0   1140
> 70.183.13.192/26   link#2 UC  00xl0
> 70.183.13.193  00:13:5f:00:f0:ee  UHLW10  
>   xl0   1188
> 70.183.13.213  00:50:04:cf:52:8a  UHLW0   18lo0
> 127.0.0.1  127.0.0.1  UH  00lo0
> 192.168.1  link#1 UC  00dc0

Ok, this looks ok. The 10/24 network *should* be able to see/route
anything back and forth to the 192.168.1/24 network without difficulty.

Now, I can't remember if you said how this was cabled, but this is how I
set up my wifi networks:

- plug the wireless network interface in the FBSD router into one of the
LAN switch ports on the wireless AP/router (if indeed it is a router).
The IP address on the LAN side of the AP is irrelevant, so long as you
don't conflict with another IP. 
- Give the wireless laptop a static IP inside the wireless IP subnet
- Have nothing plugged into the WAN side of the wireless AP, as you
don't want routing with that unit, you just want a layer-2
(bridged/switched) AP.
- effectively, if you have wireless connectivity from the laptop to the
AP, you should be able to ping the FW, and vice-versa

If it doesn't work, cable up the laptop to the LAN side of the AP,
ensuring it has a proper IP in the wifi range, and then ping.

If all else fails, set up a round of say 100 pings from the laptop to
the FBSD box, and on the FBSD box, do this:

# tcpdump -n -i fxp0

where fxp0 is the interface the AP is plugged into. This will show you
first, if the pings are getting from the wifi subnet to the FBSD box,
and also if they are being returned. Inbound pings but no outbound pings
could indicate a deeper routing issue or FW issue. No inbound pings
could indicate a problem with IP allocation or subnet issues.

tcpdump (1) is a great tool, and may even help further troubleshoot the
issue.

If you can ping from wifi to FBSD wifi interface, then push the scope of
the test further, trying to ping the cabled side of the FBSD box.

let us know what you find, as the more detail we have after certain
tests, will enable us to provide further recommendations. Also, an
ifconfig output could help too, so long everything is all connected.

Regards,

Steve

> 
> Internet6:
> Destination   Gateway  Flags 
> Netif Expire
> ::1   ::1  UH lo0
> fe80::%dc0/64 link#1   UC dc0
> fe80::204:5aff:fe42:5084%dc0  00:04:5a:42:50:84UHLlo0
> fe80::%xl0/64 link#2   UC xl0
> fe80::250:4ff:fecf:528a%xl0   00:50:04:cf:52:8aUHLlo0
> fe80::%fxp0/64link#3   UC fxp0
> fe80::2d0:b7ff:fe44:f9c6%fxp0 00:d0:b7:44:f9:c6UHLlo0
> fe80::%lo0/64 fe80::1%lo0  U  lo0
> fe80::1%lo0   link#4   UHLlo0
> ff01::/32 ::1  U  lo0
> ff02::%dc0/32 link#1   UC dc0
> ff02::%xl0/32 link#2   UC xl0
> ff02::%fxp0/32link#3   UC fxp0
> ff02::%lo0/32 ::1  UC lo0
> 
> 
> Also, made one small error in my initial post.  The wireless 
> router has IP 192.168.1.1 and the server's 'wireless' 
> interface is 192.168.1.2 (going to switch these as soon as I 
> get access to the wireless router settings).
> 
> I've tried setting static routes between various interfaces 
> on the FreeBSD machine, it hasn't worked, but I may be doing 
> it wrong. I thought routed should take care of this 
> dynamically, but I'm a bit unsure about that.
> 
> > 
> > Steve
> > 
> > > 
> > > Fabian
> > > --
> > > http://www.fabiankeil.de/
> > > 
> > 
> 
> Thanks alot for the replies. I appreciate it.
> 
> Jason
> 
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to 
> "[EMAIL PROTECTED]"
> 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Quick Routing Question

2005-11-01 Thread Brian E. Conklin

Do you have gateway_enable="YES" in your rc.conf?

Brian E. Conklin, MCP+I, MCSE
Director of Information Services
Mason General Hospital
http://www.masongeneral.com


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jason Morgan
Sent: Monday, October 31, 2005 9:42 PM
To: FreeBSD Questions
Subject: Quick Routing Question


I am setting up a wireless subnet and, while the gateway (FreeBSD
system) is communicating fine with the wireless router, my other subnet
is not able to connect to the wireless router. Here is a diagram of my
network, I think it's fairly typical.


 Wired Subnet (10.0.0.x)
/
   /
Internet <-- FreeBSD Machine 
   \
\
 Wireless Subnet (192.168.1.x)


The 'wired' interface on the FreeBSD machine has an IP of 10.0.0.1, with 
the 'wireless' IP being 192.168.1.1.  Now, the FreeBSD machine and the 
wireless router (192.168.1.2) communicate fine as does the wired subnet; 
however, I am not able to connect from a 10.0.0.x client to the wireless 
router. After running traceroute, etc, it seems that the FreeBSD machine 
is simply not routing the data from one subnet to the other. I've 
verified that it's not the firewall blocking packets. How do I get these 
subnets to communicate?

Thanks,
Jason
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
=
Mason General Hospital
901 Mt. View Drive
PO Box 1668
Shelton, WA 98584
http://www.masongeneral.com
(360) 426-1611
=
This message is intended for the sole use of the individual and entity
to whom it is addressed and may contain information that is privileged,
confidential and exempt from disclosure under applicable law. If you
are not the addressee nor authorized to receive for the addressee, you
are hereby notified that you may not use, copy, disclose or distribute
to anyone this message or any information contained in the message. If
you have received this message in error, please immediately notify the
sender and delete the message.

Replying to this message constitutes consent to electronic monitoring
of this message.

Thank you.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Quick Routing Question

2005-11-01 Thread Glenn Dawson


At 06:34 AM 11/1/2005, Jason Morgan wrote:

On Tue, Nov 01, 2005 at 09:03:11AM -0500, Steve Bertrand wrote:
>
>
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] On Behalf Of Fabian Keil
> > Sent: Tuesday, November 01, 2005 5:58 AM
> > To: Jason Morgan
> > Cc: FreeBSD Questions
> > Subject: Re: Quick Routing Question
> >
> > Jason Morgan <[EMAIL PROTECTED]> wrote:
> >
> > > I am setting up a wireless subnet and, while the gateway (FreeBSD
> > > system) is communicating fine with the wireless router, my other
> > > subnet is not able to connect to the wireless router. Here is a
> > > diagram of my network, I think it's fairly typical.
> > >
> > >
> > >  Wired Subnet (10.0.0.x)
> > > /
> > >/
> > > Internet <-- FreeBSD Machine
> > >\
> > > \
> > >  Wireless Subnet (192.168.1.x)
> > >
> > >
> > > The 'wired' interface on the FreeBSD machine has an IP of 10.0.0.1,
> > > with the 'wireless' IP being 192.168.1.1.  Now, the FreeBSD machine
> > > and the wireless router (192.168.1.2) communicate fine as does the
> > > wired subnet; however, I am not able to connect from a
> > 10.0.0.x client
> > > to the wireless router. After running traceroute, etc, it
> > seems that
> > > the FreeBSD machine is simply not routing the data from one
> > subnet to
> > > the other. I've verified that it's not the firewall
> > blocking packets.
> > > How do I get these subnets to communicate?
> >
> > Did you put gateway_enable=YES in rc.conf?
> > Did you read
> > 
<<http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/net>http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/net>  
 > work-routing.html>?


Yes, the FreeBSD machine has been acting as a router/gateway/firewall
for the wired network for quite some time. I did look at the handbook,
that's usually my first stop.

>
> Also, what does:
>
> # netstat -rn
>
> ...output?

# netstat -rn

Routing tables

Internet:
DestinationGatewayFlagsRefs  Use  Netif
Expire
default70.183.13.193  UGS 024701xl0
10/24  link#3 UC  00   fxp0
10.0.0.1   00:d0:b7:44:f9:c6  UHLW0  903lo0
10.0.0.2   00:50:8d:e5:a5:41  UHLW0   322468   fxp0572
10.0.0.4   00:e0:98:04:01:f6  UHLW0 1131   fxp0   1140
70.183.13.192/26   link#2 UC  00xl0
70.183.13.193  00:13:5f:00:f0:ee  UHLW10xl0   1188
70.183.13.213  00:50:04:cf:52:8a  UHLW0   18lo0
127.0.0.1  127.0.0.1  UH  00lo0
192.168.1  link#1 UC  00dc0

Internet6:
Destination   Gateway  Flags Netif Expire
::1   ::1  UH lo0
fe80::%dc0/64 link#1   UC dc0
fe80::204:5aff:fe42:5084%dc0  00:04:5a:42:50:84UHLlo0
fe80::%xl0/64 link#2   UC xl0
fe80::250:4ff:fecf:528a%xl0   00:50:04:cf:52:8aUHLlo0
fe80::%fxp0/64link#3   UC fxp0
fe80::2d0:b7ff:fe44:f9c6%fxp0 00:d0:b7:44:f9:c6UHLlo0
fe80::%lo0/64 fe80::1%lo0  U  lo0
fe80::1%lo0   link#4   UHLlo0
ff01::/32 ::1  U  lo0
ff02::%dc0/32 link#1   UC dc0
ff02::%xl0/32 link#2   UC xl0
ff02::%fxp0/32link#3   UC fxp0
ff02::%lo0/32 ::1  UC lo0


Also, made one small error in my initial post.  The wireless router has
IP 192.168.1.1 and the server's 'wireless' interface is 192.168.1.2
(going to switch these as soon as I get access to the wireless router
settings).

I've tried setting static routes between various interfaces on the
FreeBSD machine, it hasn't worked, but I may be doing it wrong. I
thought routed should take care of this dynamically, but I'm a bit
unsure about that.


This sounds a lot like the freebsd machine does not know how to route 
packets to the other side of the wireless router.


Just to confirm how things are connected, ignoring the "wired net" 
for a moment, it sounds like you have someth

Re: Quick Routing Question

2005-11-01 Thread Jason Morgan

On Tue, Nov 01, 2005 at 09:03:11AM -0500, Steve Bertrand wrote:
>  
> 
> > -Original Message-
> > From: [EMAIL PROTECTED] 
> > [mailto:[EMAIL PROTECTED] On Behalf Of Fabian Keil
> > Sent: Tuesday, November 01, 2005 5:58 AM
> > To: Jason Morgan
> > Cc: FreeBSD Questions
> > Subject: Re: Quick Routing Question
> > 
> > Jason Morgan <[EMAIL PROTECTED]> wrote:
> > 
> > > I am setting up a wireless subnet and, while the gateway (FreeBSD
> > > system) is communicating fine with the wireless router, my other 
> > > subnet is not able to connect to the wireless router. Here is a 
> > > diagram of my network, I think it's fairly typical.
> > > 
> > > 
> > >  Wired Subnet (10.0.0.x)
> > > /
> > >/
> > > Internet <-- FreeBSD Machine 
> > >\
> > > \
> > >  Wireless Subnet (192.168.1.x)
> > > 
> > > 
> > > The 'wired' interface on the FreeBSD machine has an IP of 10.0.0.1, 
> > > with the 'wireless' IP being 192.168.1.1.  Now, the FreeBSD machine 
> > > and the wireless router (192.168.1.2) communicate fine as does the 
> > > wired subnet; however, I am not able to connect from a 
> > 10.0.0.x client 
> > > to the wireless router. After running traceroute, etc, it 
> > seems that 
> > > the FreeBSD machine is simply not routing the data from one 
> > subnet to 
> > > the other. I've verified that it's not the firewall 
> > blocking packets. 
> > > How do I get these subnets to communicate?
> > 
> > Did you put gateway_enable=YES in rc.conf?
> > Did you read
> > <http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/net
> > work-routing.html>?

Yes, the FreeBSD machine has been acting as a router/gateway/firewall
for the wired network for quite some time. I did look at the handbook,
that's usually my first stop.

> 
> Also, what does:
> 
> # netstat -rn
> 
> ...output?

# netstat -rn

Routing tables

Internet:
DestinationGatewayFlagsRefs  Use  Netif 
Expire
default70.183.13.193  UGS 024701xl0
10/24  link#3 UC  00   fxp0
10.0.0.1   00:d0:b7:44:f9:c6  UHLW0  903lo0
10.0.0.2   00:50:8d:e5:a5:41  UHLW0   322468   fxp0572
10.0.0.4   00:e0:98:04:01:f6  UHLW0 1131   fxp0   1140
70.183.13.192/26   link#2 UC  00xl0
70.183.13.193  00:13:5f:00:f0:ee  UHLW10xl0   1188
70.183.13.213  00:50:04:cf:52:8a  UHLW0   18lo0
127.0.0.1  127.0.0.1  UH  00lo0
192.168.1  link#1 UC  00dc0

Internet6:
Destination   Gateway  Flags Netif Expire
::1   ::1  UH lo0
fe80::%dc0/64 link#1   UC dc0
fe80::204:5aff:fe42:5084%dc0  00:04:5a:42:50:84UHLlo0
fe80::%xl0/64 link#2   UC xl0
fe80::250:4ff:fecf:528a%xl0   00:50:04:cf:52:8aUHLlo0
fe80::%fxp0/64link#3   UC fxp0
fe80::2d0:b7ff:fe44:f9c6%fxp0 00:d0:b7:44:f9:c6UHLlo0
fe80::%lo0/64 fe80::1%lo0  U  lo0
fe80::1%lo0   link#4   UHLlo0
ff01::/32 ::1  U  lo0
ff02::%dc0/32 link#1   UC dc0
ff02::%xl0/32 link#2   UC xl0
ff02::%fxp0/32link#3   UC fxp0
ff02::%lo0/32 ::1  UC lo0


Also, made one small error in my initial post.  The wireless router has 
IP 192.168.1.1 and the server's 'wireless' interface is 192.168.1.2 
(going to switch these as soon as I get access to the wireless router 
settings).

I've tried setting static routes between various interfaces on the 
FreeBSD machine, it hasn't worked, but I may be doing it wrong. I 
thought routed should take care of this dynamically, but I'm a bit 
unsure about that.

> 
> Steve
> 
> > 
> > Fabian
> > --
> > http://www.fabiankeil.de/
> > 
> 

Thanks alot for the replies. I appreciate it.

Jason

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Quick Routing Question

2005-11-01 Thread Steve Bertrand

 

> -Original Message-
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED] On Behalf Of Fabian Keil
> Sent: Tuesday, November 01, 2005 5:58 AM
> To: Jason Morgan
> Cc: FreeBSD Questions
> Subject: Re: Quick Routing Question
> 
> Jason Morgan <[EMAIL PROTECTED]> wrote:
> 
> > I am setting up a wireless subnet and, while the gateway (FreeBSD
> > system) is communicating fine with the wireless router, my other 
> > subnet is not able to connect to the wireless router. Here is a 
> > diagram of my network, I think it's fairly typical.
> > 
> > 
> >  Wired Subnet (10.0.0.x)
> > /
> >/
> > Internet <-- FreeBSD Machine 
> >\
> > \
> >  Wireless Subnet (192.168.1.x)
> > 
> > 
> > The 'wired' interface on the FreeBSD machine has an IP of 10.0.0.1, 
> > with the 'wireless' IP being 192.168.1.1.  Now, the FreeBSD machine 
> > and the wireless router (192.168.1.2) communicate fine as does the 
> > wired subnet; however, I am not able to connect from a 
> 10.0.0.x client 
> > to the wireless router. After running traceroute, etc, it 
> seems that 
> > the FreeBSD machine is simply not routing the data from one 
> subnet to 
> > the other. I've verified that it's not the firewall 
> blocking packets. 
> > How do I get these subnets to communicate?
> 
> Did you put gateway_enable=YES in rc.conf?
> Did you read
> <http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/net
> work-routing.html>?

Also, what does:

# netstat -rn

...output?

Steve

> 
> Fabian
> --
> http://www.fabiankeil.de/
> 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Quick Routing Question

2005-11-01 Thread Fabian Keil

Jason Morgan <[EMAIL PROTECTED]> wrote:

> I am setting up a wireless subnet and, while the gateway (FreeBSD
> system) is communicating fine with the wireless router, my other
> subnet is not able to connect to the wireless router. Here is a
> diagram of my network, I think it's fairly typical.
> 
> 
>  Wired Subnet (10.0.0.x)
> /
>/
> Internet <-- FreeBSD Machine 
>\
> \
>  Wireless Subnet (192.168.1.x)
> 
> 
> The 'wired' interface on the FreeBSD machine has an IP of 10.0.0.1,
> with the 'wireless' IP being 192.168.1.1.  Now, the FreeBSD machine
> and the wireless router (192.168.1.2) communicate fine as does the
> wired subnet; however, I am not able to connect from a 10.0.0.x
> client to the wireless router. After running traceroute, etc, it
> seems that the FreeBSD machine is simply not routing the data from
> one subnet to the other. I've verified that it's not the firewall
> blocking packets. How do I get these subnets to communicate?

Did you put gateway_enable=YES in rc.conf?
Did you read 
?

Fabian
-- 
http://www.fabiankeil.de/


pgpKy9iNTkdy8.pgp
Description: PGP signature

RE: Quick Routing Question

Re: Quick Routing Question

RE: Quick Routing Question

Re: Quick Routing Question

Re: Quick Routing Question

RE: Quick Routing Question

Re: Quick Routing Question

Re: Quick Routing Question

RE: Quick Routing Question

Re: Quick Routing Question

Re: Quick Routing Question

RE: Quick Routing Question

Re: Quick Routing Question

Re: Quick Routing Question

RE: Quick Routing Question

RE: Quick Routing Question

Re: Quick Routing Question

Re: Quick Routing Question

RE: Quick Routing Question

Re: Quick Routing Question

20 matches

Site Navigation

Mail list logo

Footer information