Date: Fri, 20 Nov 1998 13:04:03 -0700 From: "Shannon Wheeler" <swheeler@tnc.com> To: "FreeBSD isp" <freebsd-isp@FreeBSD.ORG> Subject: Re: ICMP firewall entry? Message-ID: <01be14c0$ebba8b20$0307070a@Shannon>
next in thread | raw e-mail | index | archive | help
Something wrong with your subnet mask or you're using non-private IP addresses internally. What internal IP addresses are you using and what subnet masks? *The opinions expressed herein are my own and are not necessarily representative of the policies or opinions of my employer.* Shannon Wheeler Data & Comm. Tech Clearwater Welding & Fabricating Ltd Fort McMurray, AB -----Original Message----- From: Nate Williams <nate@mt.sri.com> >David Greenman's recent comment about 'too-string a firewall for ICMP' >in one of the lists got me thinking about some machines on my network. > >Currently, I have a 'home-network' of machines in each employees >home, which has it's own dedicated subnet (4 machines, whee!). However, >the machines connected to this subnet can not connect to every WWW >server on the net, while the 'gateway' machines for each home have no >such problems. > >Example: > >Internet <-> Firewall <-> Modem Server <-> Office machines > ^ ^ ^ > | | | > v v v > Home networks routers <-> Home machine 1 > > >(home networks routers are multiple machines, each connecting to the >modem server from a different house). > >All routing computers in this case are running FreeBSD, as well as the >firewall and modem server. Note, all the office machines work fine, all >of the home network routers work fine, but all of the home machines work >'most of the time'. For example, I can't connect to www.intellicast.com >from my box that I'm typing on now, but if I startup netscape on the >router box next to it things work fine. > >Could this be related to ICMP? The 'router' boxes have two addresses, >one is the 'office address' so it appears to be on the office network, >but it also has a second address that is one the 'home subnet'. The >only thing I can think is that somehow routing isn't working, but for >about 80% of the sites on the WWW, everything works peachy? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01be14c0$ebba8b20$0307070a>