Mike Rosile wrote:

I want BRANCH A’s subnet to be able to access network resources on BRANCH B’s subnet and vice versa through the HUB router. I’ve added all the necessary entries to “zones”, “hosts”, “interfaces”, and “policy”. BRANCH A can access HUB’s subnet no problem, and BRANCH B can access HUB’s subnet no problem, but packets were being DROPPED from BRANCH A to BRANCH B, which were clearly visible from Shorewall and syslog (Shorewall:FORWARD:DROP). /etc/shorewall/policy had entries to ACCEPT traffic between BRANCH A and BRANCH B.

I've taken another look at this report and suggest that you refer to Shorewall FAQ 17. It points out that when traffic is dropped or rejected in the FORWARD chain and the IN= and OUT= interfaces are the same, then the first thing to try is setting the 'routeback' option on that interface in /etc/shorewall/interfaces.

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ [EMAIL PROTECTED]
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
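The FAQ 17 check described in the reply above, as an added example that is not part of the original message or of Shorewall itself: it scans syslog text for FORWARD-chain drops or rejects whose IN= and OUT= interfaces match, which marks the interface as a candidate for the 'routeback' option. The log lines, interface names and addresses are constructed for illustration; the log prefix follows the Shorewall:FORWARD:DROP form quoted in the thread.

```python
import re
from collections import defaultdict

# Constructed sample syslog lines (not from the thread). Interface names and
# addresses are assumptions chosen for illustration.
SAMPLE_LOG = """\
Sep  1 10:15:01 hub kernel: Shorewall:FORWARD:DROP:IN=tun0 OUT=tun0 SRC=192.168.1.10 DST=192.168.2.20 LEN=84 PROTO=ICMP TYPE=8 CODE=0
Sep  1 10:15:02 hub kernel: Shorewall:FORWARD:DROP:IN=tun0 OUT=tun0 SRC=192.168.2.20 DST=192.168.1.10 LEN=60 PROTO=TCP SPT=40112 DPT=445
Sep  1 10:15:03 hub kernel: Shorewall:FORWARD:DROP:IN=eth1 OUT=eth0 SRC=192.168.0.5 DST=203.0.113.9 LEN=60 PROTO=TCP SPT=51000 DPT=25
Sep  1 10:15:04 hub kernel: Shorewall:net2fw:DROP:IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.1 LEN=40 PROTO=TCP SPT=4444 DPT=23
Sep  1 10:15:05 hub kernel: Shorewall:FORWARD:REJECT:IN=eth2 OUT=eth2 MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=10.0.0.4 DST=10.0.1.9 LEN=60 PROTO=UDP SPT=5353 DPT=53
"""

# Log prefix "Shorewall:<chain>:<disposition>:" followed by the netfilter
# fields. An optional MAC= field may sit between OUT= and SRC=.
FORWARD_RE = re.compile(
    r"Shorewall:FORWARD:(?P<disp>DROP|REJECT):"
    r"IN=(?P<inif>\S*) OUT=(?P<outif>\S*) .*?SRC=(?P<src>\S+) DST=(?P<dst>\S+)"
)


def routeback_candidates(log_text):
    """Return {interface: [(disposition, src, dst), ...]} for FORWARD-chain
    drops/rejects where the packet would leave on the interface it arrived on."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = FORWARD_RE.search(line)
        # Only same-interface forwarding is the FAQ 17 symptom; a drop between
        # two different interfaces points at zones/policy/rules instead.
        if m and m["inif"] and m["inif"] == m["outif"]:
            hits[m["inif"]].append((m["disp"], m["src"], m["dst"]))
    return dict(hits)


if __name__ == "__main__":
    for iface, flows in routeback_candidates(SAMPLE_LOG).items():
        print(f"{iface}: {len(flows)} FORWARD hit(s) with IN == OUT; "
              f"try 'routeback' on {iface} in /etc/shorewall/interfaces")
        for disp, src, dst in flows:
            print(f"  {disp} {src} -> {dst}")
```

Run against real syslog by passing the file contents to `routeback_candidates()` in place of `SAMPLE_LOG`.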
