
Subject: CIPE Behind OpenBSD Firewall
From: David Dellanave <david,AT,dellanave,DOT,com>
Date: Mon, 13 Jan 2003 19:41:21 +0100

After struggling for a week, it's time I try to find some help with this 
problem.

I have a network of 50 machines, but only 3 are really important.

        Box A (CIPE)        Box B (OBSD FW)             Box C (CIPE)
    Ext IP a.a.a.a         Ext IP b.b.b.b               
    Int IP 192.168.2.1     Int IP 192.168.1.1        Int IP 192.168.1.2

The diagram looks something like:

(Machines)->Box A---<>(Internet)<>---Box B<--Box C (CIPE)
                                        ^----(More Machines)

The CIPE tunnel works because prior to the OpenBSD firewall being in the way, 
it worked fine.  The CIPE box was the firewall box and directly connected 
externally.

It sort-of works.  I can ping A from C.  Not A from B.  I can ping C from A.  
But most importantly, I can't ping machines behind A or behind C from either.  
In other words, I think it's a routing issue.

I have a binat rule set up, but I'm not sure the syntax is right.

I've searched Google, which led me to the binat rule idea.

Can anyone offer any tips?

Thanks.
-- 
David,AT,Dellanave,DOT,com
www.dellanave.com
FED5 FF73 7A92 5B11 844D  068E 3AEC 268E AAF0 DA59




