On 10/10/2017 10:18 AM, Paolo wrote:
>
> I think it is a FAQ-type configuration problem, but I can't get it
> working in my installation (a very similar configuration works fine for
> 2 other pairs of nets)
>
> Situation:
>
>
>          _________ NET _______
>         / a.b.c.d             \ e.f.g.h
>     RTR-FW1                  RTR-FW2
>       /                          \
>      / 192.168.189.1/24           \ 192.168.117.5/24
> LinuxGW1 (10.8.0.1/24)       LinuxGW2 (10.8.0.2/24)
>      | 10.0.0.250/24              | 192.168.107.5/24
>     / \                          / \
> Win11   Lin12                Win21  Win22
>
> Obviously I want the servers in the 2 LANs behind LinuxGW1 & 2 to
> communicate freely.
>
> At the moment, from LinuxGW2 I can reach all the hosts in
> LAN1, but from the hosts in LAN2 (that have LinuxGW2 as default GW), I
> can't reach LAN1. And LAN1 can't reach LAN2.
> If I install an OpenVPN client on Win21 or Win22 I can access LAN1
> without problems.
> LinuxGW1 & 2 are Debian 9 + openvpn. I use 10.8.0.0/24 for the tunnel.
> From LAN2 I can ping 10.8.0.2, but not 10.8.0.1
> From LAN1 I can ping both 10.8.0.1 and 10.8.0.2
>
> I am missing something but can't understand what.
> Any hints appreciated.
> Configs below.
>

If you 'shorewall clear' on both firewalls, can you communicate between
the two LANs? (be sure to 'shorewall start' both after the test).

-Tom
-- 
Tom Eastep        \ Q: What do you get when you cross a mobster with
Shoreline,         \    an international standard?
Washington, USA     \ A: Someone who makes you an offer you can't
http://shorewall.org \   understand
                      \_______________________________________________
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
