hi, this is may be off topic, but somewhat shorewall releated. we've got the same setup as described here: http://shorewall.net/ProxyARP.htm just the eth1 is 172.16.20.1/24. but now i'd like to put a new machine into the privnet with ip: 172.16.20.2 (while there are a few others with public ip). is it possible? i assume i shouldn't have to put anything into shorewall's proxyarp file (just the old entries), but when i try to ping from 172.16.20.2 the firewall (172.16.20.1) and run a tcpdump on the firewall, i've got this: ------------------------- # tcpdump -n -i eth1 host 172.16.10.2 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes 17:07:01.763468 arp who-has 172.16.10.2 tell 172.16.10.1 17:07:02.763313 arp who-has 172.16.10.2 tell 172.16.10.1 17:07:04.763930 arp who-has 172.16.10.2 tell 172.16.10.1 ------------------------- and of course the problem neither the new host can't ping the firewall nor the firewall the new host. what can be the problem? thanks in advance. yours.
-- Levente "Si vis pacem para bellum!" ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
