[Sunhelp] DMZ: so close i can tast it
Karl Rossing
karl.rossing at federated.ca
Tue Sep 12 21:59:28 CDT 2000
This is a multi-part message in MIME format.
--------------CA7665F27E957820BED9BAAA
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
I'm so close i can smell it! Here is my conundrum
1)All external requests should be nat'ed to hme0
2)Corp requests to dmz should be routed
Solaris 8 Box
SunScreen EFS Ver 3.0.1
hme0 internet
hme1 dmz
hme2 corp
So far i have been able to get nat working, what i can't get working it
the corp clients routed to the DMZ. In this case it's just a web
connection.
I have snoop'ed the corp and dmz network. Corp/hme2 forwards the request
to dmz/hme1 and then to the webserver. The webserver replies to the
request and sends it to dmz/hme1 and then does not send it back to the
client.
Even if i unload the firewall, requests are not forwarded back to the
clients.
/etc/defaultrouter is not used. in.routed and in.rdisc are automaticly
started up by /etc/rc2.d/S66inetinit. /etc/rc2.d/S70addroutes adds the
default route.
What am i missing so that Web requests get sent back to the PC's?
Karl
--------------CA7665F27E957820BED9BAAA
Content-Type: text/x-vcard; charset=us-ascii;
name="karl.rossing.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Karl Rossing
Content-Disposition: attachment;
filename="karl.rossing.vcf"
begin:vcard
n:Rossing;Karl
tel;work:204-786-6431 Ext 358
x-mozilla-html:TRUE
url:http://www.federated.ca
org:Federated Insurance Companies of Canada
adr:;;717 Portage Ave;Winnipeg;Mb;R3C 3C9;Canada
version:2.1
email;internet:karl.rossing at federated.ca
title:Technical Services
fn:Karl Rossing
end:vcard
--------------CA7665F27E957820BED9BAAA--
More information about the SunHELP
mailing list