Tom et al.
First and foremost, I want to apologize for submitting such a obscure and
obvious lacking email request for support.
I should have followed http://www.shorewall.net/support.htm before sending
out initial email. To my embarrassment I didn't even provide the Shorewall
version level. I do realize - I am lucky I even received a response. My
plan was to correct the lack of details and follow-up with a proper
communication. However, I have since found the issue.
Ultimately the problem/solution was clear and somewhat trivial. I had
NAT'd to an external IP. This IP was then 'acquired' by my NOC to use for
their new switch in an existing VRRP group (we had an additional switch
installed for dedicated wireless network). The problem was further
complicated as the forward DNS record was updated - but the reverse was
not. This explains the routing issues/failures I experienced where the
routing failure only occurred to very specific destinations. This may also
explain why the routing would work all weekend and start failing again
midday on Monday - perhaps when the my user would start to use the NAT'd
external IP. Once the routing failed, all NAT'd and proxy arp systems
routing would fail.
In conclusion - thanks again for a wonderful tool and help. Any future
communications, I'll insure to provide adequate information/detail.
------------------------------------------------------------------------------
AlienVault Unified Security Management (USM) platform delivers complete
security visibility with the essential security capabilities. Easily and
efficiently configure, manage, and operate all of your security controls
from a single console and one unified framework. Download a free trial.
http://p.sf.net/sfu/alienvault_d2d
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
