Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Michael Boettjer (michael_at_boettjer.org)
Date: Sun Oct 13 2002 - 07:24:41 CDT
i use SuSEfirewall2 on a SuSE 7.2-Gateway.
The Firewall has 3 Interfaces - one in direction of the internet (official
IP), one to the inner-LAN (192.168.20.x) and one to the DMZ (192.168.70.x).
The Computer in the DMZ (Webserver) has an internal IP-Adress
(192.168.70.y), so i have to port-masquerade.
The inner-LAN-Clients can reach the Webserver because i'm using the
"FW_FORWARD"-Parameter in SuSEfirewall-Config-File. One of the entries is
All works fine.
But now i want to add a second Server (Mail) to the DMZ. I added the
appropriate entry to the FW-FORWARD-Parameter. I can ping the two Servers
from the firewall succesful.
But from an inner-LAN-Client i can only reach the Webserver, but not the
Mailserver. Neither a ping works still a telnet to the SMTP-Port. The
Firewall-Logs relative to DENYs or so what is empty.
When i add the Mailserver to the "FW_FORWARD_MASQ"-Parameter, i can reach
the Box from the internet without problems.
Thanks in advance for help.
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-helpsuse.com Security-related bug reports go to securitysuse.de, not here