Routing and Firewall

Eduardo Soriano (e_soriano@dapsys.ch)
Wed, 27 Jan 1999 19:55:53 +0100


Setting up a 4-layer LAN

Description:

 -------------|     eth0 |-----------|
   Internet   |<-------->| Firewall  |
 -------------|          |-----------|
                               | eth1
                               |
 192.1.1.0                     | NetAddress1 ------|
                               |                   |
                               | eth0              |
                         |-----------|       |-----------|
                         | Router_1  |       |Client_1_1 |
                         |-----------|       |-----------|
                               | eth1
                               |
 192.168.1.0                   | NetAddress2 ------|
                               |                   |
                               | eth0              |
                         |-----------|       |-----------|
                         | Router_2  |       |Client_2_1 |
                         |-----------|       |-----------|
                               | eth1
                               |
 192.168.4.0                   | NetAddress3
                               |
                         |-----------|
                         |Client_3_1 |
                         |-----------|

Before declaring any static route using netcfg,
I configured:

Firewall: route add -net NetAddress1 netmask 255.255.255.0 gw IpAddressRouter_1
          route add -net NetAddress2 netmask 255.255.255.0 gw IpAddressRouter_2
          route add -net NetAddress3 netmask 255.255.255.0 gw IpAddressRouter_3
          default: IpAddressInternet

Router_1: route add -net NetAddress2 netmask 255.255.255.0 gw IpAddressRouter2
          route add -net NetAddress3 netmask 255.255.255.0 gw IpAddressRouter3
          default: IpAddressFirewall

Router_2: default: IpAddressRouter2

From Firewall I can telnet Client_4_1

From Client_4_1 I can telnet Firewall

Problem:

Clients on NetAddress3 cannot reach Internet services.

Client_1_1 and Client_2_1 have full access to the Internet.
Client_3_1 does not.

From Client_3_1 traceroute www.yahoo.com works till the firewall
(www.yahoo.com is translated by the Firewall DNS correctly).
Nothing is received back.

I am out of ideas.

Many thanks for some help.

Bye