From: Alan Chung (alan@silveregg.co.jp)
Date: Sat Dec 02 2000 - 02:51:54 PST
Thanks for your reply.
Yes, I have two networks separated by two pmfirewall. Each firewall has
two NIC as internal and external interfaces. I am running a SSH type of
VPN on top of PPP connection. In order to browse the host from network
neighborhood, I have setup two domain servers (for two networks) and each
has a different NT domain name. The internal hosts on each side are
logging in their NT domain server. They are having different range of IPs.
master side:
IP: 192.168.0.0/24
NT domain server: 192.168.0.2
slave side:
IP: 192.168.4.0/24
NT domain server: 192.168.4.2
So now when I have the PPP connection, I can not ping internal hosts from
the other side of network, if I start pmfirewall. It is all right without
any rule, though. Also I can't see any host on the other side in network
neighborhood either with/without any rules. SSH port is already
opened. But I guess I have to open some ports for netbios too?
Any idea?
Alan
At 午前 08:50 00/11/30 -0600, Jeremy Brooks wrote:
> By your message I assume the pmfirewall box seperates these two networks.
>Are you running two or three NICs? What sort VPN are you using? Need more
>input... more input more input
>
>,Jeremy5
>
>-----Original Message-----
>From: Alan Chung
>To: pmfirewall@pointman.org
>Sent: 11/29/00 8:26 PM
>Subject: [pmfirewall] rules for VPN
>
>I have a VPN environment which allows hosts on two different internal
>networks to access each other, which are
>
>192.168.0.0/24
>192.168.4.0/24
>
>Does anyone know how to setup input/output/forward rules for these
>internal
>networks in order to allow these internal traffic to see each other?
>Every
>time when I start ipchains, I can't ping from one side to the other side
>of
>internal host.
>
>Thanks in advance.
>
>Alan
>************************************************************************
>****
>* To UNSUBSCRIBE from the list, send a message with "unsubscribe
>pmfirewall"
>* in the message body to majordomo@pointman.org. Please direct other
>* questions, comments, or problems to pmfirewall-owner@pointman.org.
>*
>* Need answers fast? Check the list archive located at:
>* http://www.pointman.org/PMFirewall/list-archive/
>*
****************************************************************************
* To UNSUBSCRIBE from the list, send a message with "unsubscribe pmfirewall"
* in the message body to majordomo@pointman.org. Please direct other
* questions, comments, or problems to pmfirewall-owner@pointman.org.
*
* Need answers fast? Check the list archive located at:
* http://www.pointman.org/PMFirewall/list-archive/
*
****************************************************************************
* To UNSUBSCRIBE from the list, send a message with "unsubscribe pmfirewall"
* in the message body to majordomo@pointman.org. Please direct other
* questions, comments, or problems to pmfirewall-owner@pointman.org.
*
* Need answers fast? Check the list archive located at:
* http://www.pointman.org/PMFirewall/list-archive/
*
This archive was generated by hypermail 2b29 : Sun Jun 10 2001 - 02:38:17 PDT