They are all on the green LAN, connected to the same switches. Client and “cisco vpn box 1” are on another LAN, only connected through a VPN link.

 

I know, this is not how we recommend to set this up, but it was like this when we came there.

 

Thanks,

Marco

 

 

Von: Jonathan Lessa [mailto:jonathanlessa@gmail.com]
Gesendet: Freitag, 2. August 2013 15:40
An: efw-user@lists.sourceforge.net
Betreff: Re: [Efw-user] Routing and ICMP

 

the "cisco vpn box 2", the Endian and other machines are on the same LAN green? Your "cisco vpn box 2" is connected directly to a network card Endian or a switch?

 

2013/8/2 Marco Gabriel - inett GmbH <mgabriel@inett.de>

Hello,

 

I have a strange problem that may be related to the endian way of policy based routing.

 

ICMP packages seem not to be routed properly.

 

Client -> cisco vpn box 1 -> public network -> cisco vpn box 2 -> endian -> server

 

RDP and other tcp/udp based services from client work, ICMP packets are sent to the server, the server answers but the packets seem not to be forwarded by the endian to the cisco vpn box 2. The cisco vpn box 2 and the endian are both in the same green LAN and the endian has configured a static route to static gateway “cisco vpn box 2”. As told, this works for all tested services but ICMP.

 

If I set a route manually to the vpn box on the shell by using “route add”, it works. If I set a route directly on the client to the cisco box, it works too.

 

So this seems to be a problem with the iptables way of routing packets.

 

Any hints how to fix this?

 

Best regards,

Marco

 


------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
_______________________________________________
Efw-user mailing list
Efw-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/efw-user



 

--
Att.:

Jonathan Lessa

------------------------------------------------------------------------------

Get your SQL database under version control now!

Version control is standard for application code, but databases havent 

caught up. So what steps can you take to put your SQL databases under 

version control? Why should you start doing it? Read more to find out.

http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
_______________________________________________

Efw-user mailing list

Efw-user@lists.sourceforge.net

https://lists.sourceforge.net/lists/listinfo/efw-user