On Wed, 2011-12-14 at 05:33 -0600, Maple Thorpe wrote: > Greetings, > > I am attempting to configure a remote connection to an internal Server > with a fw behind a gw shorewall fw using multiple ip-addresses. The gw > shorewall uses the three-interface configuration. Excerpts are as > follows ... > > GW: > (net=eth0) > rule: SSH(ACCEPT):info net:ip.add.re.ss dmz:10.10.11.4 > nat: 1x.xxx.x.104 eth0 10.10.11.4 No No > > Server: > (dmz=eth2) > rule: ACCEPT dmz:ip.add.re.ss $FW tcp 22 - 1x.xxx.xx.104 > masq: eth2 10.10.11.4 12.xxx.xx.104 tcp 22 > > On Server, "tcpdump -i eth2 src ip.add.re.ss and dst 10.10.11.4 and port > 22" shows traffic arriving from remote ip.add.re.ss but connection > timesout. > > I would greatly appreciate a nudge into right direction. Also, should I > remove SSHKnock on GW Shorewall until I get this to work? > > Thanks in advance. > > > > > > > > > > ------------------------------------------------------------------------------ > Cloud Computing - Latest Buzzword or a Glimpse of the Future? > This paper surveys cloud computing today: What are the benefits? > Why are businesses embracing it? What are its payoffs and pitfalls? > http://www.accelacomm.com/jaw/sdnl/114/51425149/ > _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users
Operator error. Solution: (FAQ 1f) Why must the server that I port forward to have it's default gateway set to my Shorewall system's IP address? Thanks Tom. ------------------------------------------------------------------------------ 10 Tips for Better Server Consolidation Server virtualization is being driven by many needs. But none more important than the need to reduce IT complexity while improving strategic productivity. Learn More! http://www.accelacomm.com/jaw/sdnl/114/51507609/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
