Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 20 May 1999 19:59:22 -0700 (PDT)
From:      net admin <admin@pacex.net>
To:        Doug White <dwhite@resnet.uoregon.edu>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   RE: IPFW rules & DNS issues
Message-ID:  <Pine.BSF.3.96.990520194615.23846A-100000@almazs.pacex.net>
In-Reply-To: <Pine.BSF.4.03.9905201610580.10536-100000@resnet.uoregon.edu>
next in thread | previous in thread | raw e-mail | index | archive | help 

On Thu, 20 May 1999, Doug White wrote:

> On Thu, 20 May 1999, net admin wrote:
> 
> > I am testing my firewall wall system and everything seems to work so far
> > except I am not able to dialin from remote laptop to my server and browse 
> > i.e netscape not able to locate the server check your URL ... and timeout.
> > I can however log to my network from a remote laptop through dialup and
> > authenticate using SSH no problem.
> > I can go out from the servers and all machines connected to them and do
> > everything.
> > I have a dual homed setup for my firewall/gateway machine
> > My ipfw is setup as `open' for the above testing
> > I have real IPs on all servers/workstations ( not using NATD)
> > 
> > Internet----[DSL router]---[ firewall ]-----[  LAN  ]
> > 
> > and ofcourse all machines running FreeBSD firewall is 3.1-R
> 
> Try turning on logging on the firewall and see if it's dropping the
> packets from the dialup link.

Thanks doug you're resourceful!!

No; ipfw is not dropping any packets
but when I temporarly bypass the gateway and connected the router to the
LAN hub I was able to browse  from the remote laptop no problem and I put
the connection back the way it was just as in the ASCIIgram above and I
continued to browse all over the net; it seems to me it is failing to make
the initial DNS lookup somewhere.
I also saw the error:
frank radius[236] dropping duplicate request for id185 from RAS

RAS is my dialup modem bank located in the LAN where the
DNS/RADIUS/HTTP/MAIL services are.


> 
> Doug White                               
> Internet:  dwhite@resnet.uoregon.edu    | FreeBSD: The Power to Serve
> http://gladstone.uoregon.edu/~dwhite    | www.freebsd.org
> 
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990520194615.23846A-100000>