I too had problems with proxy arp. I got it to work (with help) by doing a 'arp -i eth0 -s xxx.xxx.xxx.xxx 00:00:00:00:00:00 pub Where eth0 is the outside if and xxx.xxx.xxx.xxx is the outside IP address. And of cause the correct MAC address of that interface. But it dident work before I added a route!!!! 'route add -host xxx.xxx.xxx.xxx eth1' Where eth1 is the inside of my firewall. Hope you can make it work. Regards Søren Kent Jensen ----- Original Message ----- From: "Reckhard, Tobias" <tobias.reckhard@secunet.com> To: "'Ray Leach'" <raymondl@knowledgefactory.co.za>; "Reckhard, Tobias" <tobias.reckhard@secunet.com>; <suse-security@suse.com> Sent: Monday, December 03, 2001 8:09 AM Subject: RE: [suse-security] Connecting firewall directly to router ...
I read the man page for arp. It says that the kernel does automagic arp if a route exists between the subnets.
Did you also do 'man 7 arp'? That page says that the interface in question has to have proxy arp enabled. It's a sysctl thing, check /proc/sys/net/ipv4/conf/<IF>/proxy_arp.
Cheers Tobias
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com