Date: Wed, 28 Jun 2000 15:56:51 +0200 From: "Peter Salvage" <wizard@sybaweb.co.za> To: "freebsd-isp@freebsd.org" <freebsd-isp@FreeBSD.ORG> Subject: Re: IPFW Message-ID: <006601bfe108$b68dd680$0200a8c0@ait.co.za> References: <Pine.BSF.4.05.10006281521240.27618-100000@arnold.neland.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Leif > > net > > (a) | > > router > > (b) | (1st nic) > > FreeBSD > > (c) | (2nd nic) > > mail server--proxy server > > (d) | (2nd nic) > > internal network > > > > (a) subnet 192.168.0.0/30 > > (b) subnet 192.168.0.4/30 > > (c) subnet 192.168.0.8/29 > > (d) subnet 192.168.0.16/29 > > > > I'm unable to telnet to the router from the internal network, even > > though I've set an access list on the router allowing vty 0-4 access > > only from subnet (b). Therefore I'm assuming I've left something out of > > my rules list on the FreeBSD box. > > > A: Is routing ok, i.e. can you ping? from d to the router? I guess so... yeah I can...sorry I never mentioned that > B: If your access list on the router says only subnet (b) can access it, > then that's why subnet (d) can not access it. You didn't mention that you > were using NAT on the FreeBSD box, so if you telnet from (d), that's the > adress the router will see. I'm not running NAT on the freeBSD box, but I am on the Linux box. I added the ip addy of the linux box external nic to the access list as well as the 2nd nic /30 from the FreeBSD box (c) and it made no difference. sigh...can't be a router conf issue...I'm obviously looking right past the damn error <screaming in frustration> :-) /wiZZ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?006601bfe108$b68dd680$0200a8c0>