Hello Tom
1.) DMZ server that having problem can ping 192.168.0.1 and 210.0.214.119
2.) Our ISP blocked 210.0.214.1 ping long time ago.
What I should do now?
Thanks !
--- 2010年2月7日 星期日,Tom Eastep <[email protected]> 寫道﹕
寄件人: Tom Eastep <[email protected]>
主題: Re: [Shorewall-users] Two DMZ servers can't be access from internet and
can't ping internet IP address.
收件人: "Shorewall Users" <[email protected]>
日期: 2010年2月7日,星期日,上午12:34
Wilson Kwok wrote:
> Hi Tom
>
> Are you like Super Bowl ?
Yes, indeed.
>
> I will wait you next week, and I also installing shorewall in another
> same hardware machine for testing.
>
I would start at one of the internal servers that is having problems and:
a) ping 192.168.0.1. If that fails, you have a LAN connectivity issue.
b) ping 210.0.214.119. If that fails, most likely the cause is that the
system that you are pinging from has an incorrect default gateway setting.
c) ping 210.0.214.1. If that fails, look at the traffic with tcpdump; if
you are pinging from 192.168.0.14, then:
tcpdump -nei eth2 host 210.0.214.127
If you see traffic going out but no traffic coming in, contact your ISP
for assistance. If you see traffic in both directions, check the link
layer (MAC) destination address in the response packets; is it the same
as the source MAC in the outgoing requests? If not, you have an
ARP/bridging issue. See the Shorewall Nat page
(http://www.shorewall.net/3.0/NAT.htm) for instructions for using arping
to try to eliminate the problem.
d) If pinging 210.0.214.1 works, then you have established that your
server can communicate as far as your ISP. If you can't ping beyond
there BY IP ADDRESS, contact your ISP for help.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
-----內含下列附件-----
------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
-----內含下列附件-----
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
Yahoo!香港提供網上安全攻略,教你如何防範黑客! 請前往 http://hk.promo.yahoo.com/security/ 了解更多!------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
