SuSEFirewall and routing between internal networks
Hello! I'm using SuSEFirewall with kernel 2.4.7. I have two internal, private (192.168.x.x) networks, besides the world connection (to the Internet - third network card). Routing to the Internet works perfectly. All PCs in both nets access the Internet. But PC in each internal net cannot access the other internal net. It simple seems that SuSEFirewall is not routing the packets between the two internet nets... Does anyone know how to make this work? Is there any way to configure the box (or SuSEFirewall) to route packets between the two internal nets? Any suggestions would be welcome. Best regards, Afonso Infante.
Hi I'm not sure what OS You have in Your LAN computers. I had a problem with M$, because for some reason SuSEfirewall is blocking the TCP port 139, and thus "network neighborhood" does not work. Check that You have "FW_INTERNAL_SERVICES_TCP = 139" or it might say "FW_INT_SERVICES_TCP = 139" Also check the "FW_SERVICE_SAMBA = YES", so that the firewall opens a couple of other ports too.. These can be found under "zast -> system administration -> change configuration file" That should help... Jaska. Viestissä Perjantai 10. Elokuuta 2001 16:54, Afonso Infante kirjoitti:
Hello!
I'm using SuSEFirewall with kernel 2.4.7. I have two internal, private (192.168.x.x) networks, besides the world connection (to the Internet - third network card).
Routing to the Internet works perfectly. All PCs in both nets access the Internet. But PC in each internal net cannot access the other internal net.
It simple seems that SuSEFirewall is not routing the packets between the two internet nets...
Does anyone know how to make this work? Is there any way to configure the box (or SuSEFirewall) to route packets between the two internal nets?
Any suggestions would be welcome.
Best regards,
Afonso Infante.
Hello!
I'm not sure what OS You have in Your LAN computers.
Win2k and Win98 and Linux... :-)
I had a problem with M$, because for some reason SuSEfirewall is blocking the TCP port 139, and thus "network neighborhood" does not work. [...]
Nope, that's not it. :-) Network Neighbourhood works perfectly, since I did open those ports for the internal networks... Even better: I can see the other network's PCs in Network Neighbourhood, since I have Samba running on the firewall's machine and it's the master browser. Problem is that packets do not get routed. I can't ping, I can't traceroute, nothing... Between the internal nets... Best regards, Afonso Infante.
Hello!
I'm using SuSEFirewall with kernel 2.4.7. I have two internal, private (192.168.x.x) networks, besides the world connection (to
third network card).
Routing to the Internet works perfectly. All PCs in both nets access the Internet. But PC in each internal net cannot access the other internal net.
It simple seems that SuSEFirewall is not routing the
Viestissä Perjantai 10. Elokuuta 2001 16:54, Afonso Infante kirjoitti: the Internet - packets between
the two internet nets...
Does anyone know how to make this work? Is there any way to configure the box (or SuSEFirewall) to route packets between the two internal nets?
Any suggestions would be welcome.
Best regards,
Afonso Infante.
Insert the following line in
/etc/rc.config.d/firewall-custom.rc.config, modified as appropriate
for your subnets:
ipchains -I forward -j ACCEPT -b -s 192.168.169.0/24 -d 192.168.183.0/24
I think it can go in any of the functions, I have it inside the last.
You will also need to enable the custom rules in the main file
/etc/rc.config.d/firewall.rc.config and stop and start the firewall.
HTH,
Jeffrey
Quoting Afonso Infante
Hello!
I'm using SuSEFirewall with kernel 2.4.7. I have two internal, private (192.168.x.x) networks, besides the world connection (to the Internet - third network card).
Routing to the Internet works perfectly. All PCs in both nets access the Internet. But PC in each internal net cannot access the other internal net.
It simple seems that SuSEFirewall is not routing the packets between the two internet nets...
Does anyone know how to make this work? Is there any way to configure the box (or SuSEFirewall) to route packets between the two internal nets?
Any suggestions would be welcome.
Best regards,
Afonso Infante.
-- I don't do Windows and I don't come to work before nine. -- Johnny Paycheck
Hello!
Insert the following line in /etc/rc.config.d/firewall-custom.rc.config, modified as appropriate for your subnets:
ipchains -I forward -j ACCEPT -b -s 192.168.169.0/24 -d 192.168.183.0/24
I think it can go in any of the functions, I have it inside the last. You will also need to enable the custom rules in the main file /etc/rc.config.d/firewall.rc.config and stop and start the firewall.
Brilliant! It worked... Thanks! Really appreciate it. Best regards, Afonso Infante.
participants (3)
-
Afonso Infante -
Jaakko Tamminen -
Jeffrey Taylor