Hello Tom
I'm trying to ping 210.0.214.127 from external host, it's request time out, but
I can ping 210.0.214.119, I accepted in policy and rules file before try to
ping.
Policy:
net dmz DROP info
net $FW ACCEPT info
net loc DROP info
net all DROP info
Rules:
Ping/ACCEPT net $FW
Thanks !
--- 2010年2月7日 星期日,Tom Eastep <[email protected]> 寫道﹕
寄件人: Tom Eastep <[email protected]>
主題: Re: [Shorewall-users] Two DMZ servers can't be access from internet and
can't ping internet IP address.
收件人: "Shorewall Users" <[email protected]>
日期: 2010年2月7日,星期日,下午10:52
Wilson Kwok wrote:
> Hello Tom
>
> 1.) DMZ server that having problem can ping 192.168.0.1 and 210.0.214.119
>
> 2.) Our ISP blocked 210.0.214.1 ping long time ago.
>
> What I should do now?
>
Wilson -- please keep in mind that this is *your* problem, not mine. So
please don't expect me to solve it for you.
I suggest that while running the same tcpdump command as I gave you in
the previous post, try pinging the external address (e.g.,
210.0.214.127) from an external internet host. If you don't see the
packets, call your ISP.
If you see the packets and the destination MAC address isn't
00:0a:cd:0f:66:bb, then proceed as described at
http://www.shorewall.net/3.0/NAT.htm#id2479684.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
-----內含下列附件-----
------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
-----內含下列附件-----
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
_______________________________________
YM - 離線訊息
就算你沒有上網,你的朋友仍可以留下訊息給你,當你上網時就能立即看到,任何說話都冇走失。
http://messenger.yahoo.com.hk
------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
