-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Content-ID:
El 2010-11-14 a las 15:08 -0500, Jaime Velez escribió:
pero la cosa no parece funcionar, asi que cualquier ayuda al respecto es bienvenida por la atencion prestada mil gracias
Tienes que decirle al cortafuegos cual es la DMZ, y que rutee los pings.Send
tengo las 3 tarjetas configuradas y montadas en el cortafuegos
Internet (externa) es 200.71.206.74, interna es 192.168.2.X y dmz 200.71.206.75 va a dos maquinas con direcciones 200.71.206.76 y 77desde el cortafuegos puedo hacer ping a cualquier maquina, pero entre las zonas ninguna se vepor otro lado todo esto esta condimentado con una vpn que solo llega hasta el cortafuegos.. de ahi para adelante no ve mas nada.. creo que el problema es de cortafuegosJaime V --
No me has entendido. FW_DEV_DMZ="eth3" o la que sea que esté. Y para el ping: FW_ALLOW_PING_DMZ="yes" Y leete la ayuda: # Configuration HELP: # # If you have got any problems configuring this file, take a look at # /usr/share/doc/packages/SuSEfirewall2/EXAMPLES or use YaST # # # If you are an end-user who is NOT connected to two networks (read: # you have got a single user system and are using a dialup to the # internet) you just have to configure (all other settings are OK): # 2) and maybe 9). # # If this server is a firewall, which should act like a proxy (no direct # routing between both networks), or you are an end-user connected to the # internet and to an internal network, you have to setup your proxys and # reconfigure (all other settings are OK): 2), 3), 9) and maybe 7), 11), 14) # # If this server is a firewall, and should do routing/masquerading between # the untrusted and the trusted network, you have to reconfigure (all other # settings are OK): 2), 3), 5), 6), 9), and maybe 7), 10), 11), 12), 13), # 14) # # If you want to run a DMZ in either of the above three standard setups, you # just have to configure *additionally* 4), 9), 12), 13), 18) # # Please note that if you use service names, they have to exist in # /etc/services. There is for example no service "dns", it's called # "domain"; email is called "smtp" etc. - -- Saludos Carlos E. R. (desde 11.2 x86_64 "Emerald" en Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iEYEARECAAYFAkzgkPsACgkQtTMYHG2NR9VVOwCeMAacoNgtRCxZlVdMF7oQxfvN eIEAn337MGigPwTTLlVUoCX1GhdlHRiO =+Vus -----END PGP SIGNATURE-----