Search Results

Search found 12925 results on 517 pages for 'email routing'.

Page 98/517 | < Previous Page | 94 95 96 97 98 99 100 101 102 103 104 105  | Next Page >

• Can fragments of a packet be refragmented again?

  - by gsinha

  In IPv4, fragmentation is done by routers on way to the destination if DF(do not fragment) flag is not set in the IP packet. Once a packet is fragmented, its fragments may take different paths (due to various reasons like topology changes) to the destination. If, on some link again in the path to destination, one routers find that the link MTU is smaller than the frame size, then either the packet needs to be fragmented or dropped. Can fragments of a packet be refragmented again? If yes, what will be the value of MF flag in the new individual fragments created by this?

  Read the article

• Postfix - How to alias some [email protected] to another user, but only for certain values of "host.com"

  - by Rory McCann

  I have a Postfix email setup. It's handle a few domains (i.e. I have them in my mynetworks in my main.cf). I have a normal unix account and use that to log in, and get my mail. My personal email account is of the form [email protected]. I have a new domain new.com, and I want to forward [email protected] to [email protected], however I don't want to forward [email protected]. Someone has suggested just forwarding all 'info' to 'user', and then using procmail on my user@ account to remove the [email protected] The server is Ubuntu.

  Read the article

• Fritz!Box IPv6-Address different than IPv6-Prefix

  - by kmindi

  In my Fritzbox it states the following: IPv6-Adresse: 2a02:8070:600::14b6:c7******, Gültigkeit: 100465/86065s IPv6-Präfix: 2a02:8070:62c:3200::/56, Gültigkeit: 100464/86064s I am not able to connect to IPv6 Addresses from computers configured by the fritzbox, because they get an address with prefix 2a02:8070:62c:3200::/56 but somehow the fritzbox does not route those addresses. Is this because the IPv6-Address is not in the prefix range? The address of the Fritzbox responds to pings, but my computers reached via various addresses from the prefix range do not (: PING 2a02:8070:62c:3200:28d****(2a02:8070:62c:3200:28d****) 32 data bytes From 2a02:8070:600:0:14b6*** icmp_seq=0 Destination unreachable: Administratively prohibited From 2a02:8070:600:0:14b6*** icmp_seq=1 Destination unreachable: Administratively prohibited From 2a02:8070:600:0:14b6*** icmp_seq=2 Destination unreachable: Administratively prohibited From 2a02:8070:600:0:14b6*** icmp_seq=3 Destination unreachable: Administratively prohibited blocked ping this is "view" from outside From inside the ping6 looks like this: traceroute -6 heise.de traceroute to heise.de (2a02:2e0:3fe:100::8), 30 hops max, 80 byte packets 1 fritz.box (2a02:8070:62c:3200:****) 0.787 ms 1.424 ms 1.702 ms 2 * * * ...... 30 * * *

  Read the article

• How to force certain traffic through GRE tunnel?

  - by wew

  Here's what I do. Server (public internet is 222.x.x.x): echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf sysctl -p iptunnel add gre1 mode gre local 222.x.x.x remote 115.x.x.x ttl 255 ip add add 192.168.168.1/30 dev gre1 ip link set gre1 up iptables -t nat -A POSTROUTING -s 192.168.168.0/30 -j SNAT --to-source 222.x.x.x iptables -t nat -A PREROUTING -d 222.x.x.x -j DNAT --to-destination 192.168.168.2 Client (public internet is 115.x.x.x): iptunnel add gre1 mode gre local 115.x.x.x remote 222.x.x.x ttl 255 ip add add 192.168.168.2/30 dev gre1 ip link set gre1 up echo '100 tunnel' >> /etc/iproute2/rt_tables ip rule add from 192.168.168.0/30 table tunnel ip route add default via 192.168.168.1 table tunnel Until here, all seems going right. But then 1st question, how to use GRE tunnel as a default route? Client computer is still using 115.x.x.x interface as default. 2nd question, how to force only ICMP traffic to go through tunnel, and everything else go default interface? I try doing this in client computer: ip rule add fwmark 200 table tunnel iptables -t mangle -A OUTPUT -p udp -j MARK --set-mark 200 But after doing this, my ping program will timeout (if I not doing 2 command above, and using ping -I gre1 ip instead, it will works). Later I want to do something else also, like only UDP port 53 through tunnel, etc. 3rd question, in client computer, I force one mysql program to listen on gre1 interface 192.168.168.2. In client computer, there's also one more public interface (IP 114.x.x.x)... How to forward traffic properly using iptables and route so mysql also respond a request coming from this 114.x.x.x public interface?

  Read the article

• redirect from mysite.com to www.mysite.com

  - by jml

  hi there, i know that this has been answered many many times, so if someone wants to point me to another thread that answers my question specifically, that is fine... for right now, my searches aren't yielding many results. so i have a website like mysite.com that has a flash swf embedded in it and i go to www.mysite.com ... all of the sudden, things don't work properly. i would like to get to the bottom of this, because it's not like the page just "doesn't load" at all; it loads and i can only do certain things; as if certain functionality is disabled (might be url requests for specific urls etc). do i need to manage this in my control panel? i wouldn't assume so, because the site loads; just has a crippled functionality from within the swf. i was thinking it might have more to do with my crossdomain.xml file; could this be the case? thanks for any tips or suggestions.

  Read the article

• How to redirect all Internet traffic to OpenVPN Server

  - by JuliaS

  I have seen working solutions around the issue of forcing Internet traffic to go through the OpenVPN server but they are all done in Linux, all I want to know is how to add an entry to the route table in windows to make this happen. connectivity between the client and server is fine, my Windows 7 client can establish a connection to the Windows 2008 Server, but when established Internet traffic is still going from the local Windows 7 machine. Here are the details: Server: Windows 2008 Server with one NIC OpenVPN IP Address: 192.168.0.1 Local NIC IP Address (connects the server to the Internet): 10.242.69.107 Client: Windows 7 with one NIC OpenVPN IP Address: 192.168.0.2 ISP allocated IP Address: 10.0.8.2 (gateway 10.0.8.1) Server OpenVPN Config: dev tun ifconfig 192.168.0.1 192.168.0.2 secret static.key push "redirect-gateway def1" Client OpenVPN Config: remote xxx.xxx.com dev tun ifconfig 192.168.0.2 192.168.0.1 secret static.key I'm not an expert with adding routes...etc. I would be grateful if someone could let me know how to add this entry in my server/client route table. EDIT: Output from the client's netstat -rnv IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 10.0.8.1 10.0.8.2 20 10.0.8.0 255.255.255.252 On-link 10.0.8.2 276 10.0.8.2 255.255.255.255 On-link 10.0.8.2 276 10.0.8.3 255.255.255.255 On-link 10.0.8.2 276 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.0.0 255.255.255.252 On-link 192.168.0.2 286 192.168.0.2 255.255.255.255 On-link 192.168.0.2 286 192.168.0.3 255.255.255.255 On-link 192.168.0.2 286 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 10.0.8.2 276 224.0.0.0 240.0.0.0 On-link 192.168.0.2 286 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 10.0.8.2 276 255.255.255.255 255.255.255.255 On-link 192.168.0.2 286 ===========================================================================

  Read the article

• Using Static Public IPs and Private DHCP IPs on the Same Router

  - by Andrew Larsson

  I have a subnet of public IP addresses that my ISP has provided me with. They are routed through my router (how profound) that has a a static IP. I have successfully assigned the IPs from that subnet to various devices on my network. This works just fine, they get their own public IP, they can access the Internet, and the Internet can access them. However, I would like to also assign some private IPs on my network through that same router and put them behind NAT. Is this even possible? Could a VLAN be of use? I would like to avoid putting another router on the network, which makes this is quite an awkward question.

  Read the article

• Connecting together DIR-615 and DIR-655

  - by ra170

  On my DIR-655 my internal network is: 192.168.0.x On my DIR-615 my internal network is: 192.168.1.x They are both connected to my firewall PIX 501 box The PIX itself is connected to the comcast modem. I briefly looked at the menu options on those router and they look similar, however I'm not sure what's the best way to connect those two together so that I can go between those networks. (printing, file browsing, etc.) I'm not sure if I have to do this somehow on those two router or on the PIX itself, or probably on all of them. If anyone has experience with something like that please let me know..

  Read the article

• DrayTek Vigor 2920(n): VPN with VLAN restrictions?

  - by Dirk

  Hi, I'm currently installing a DrayTek Vigor 2920n router in a new office. This router is to be used for 2 seperate companies. For one of these companies, the router has a LAN-2-LAN (VPN) connection to a datacenter configured. The other company should not be able to access this other (VPN-)network. I'm aware of the capability of this router to have VLAN's, but I cannot figure out how to configure the VPN-connection to only be accessible for VLAN0 and not for VLAN1. I know I can also add another router to physically split both networks, but we bought the DrayTek with the idea that it could easily have the VPN-connection available for VLAN0 and not for VLAN1. VLAN1 can easily be in another subnet, that's fine, although, I don't know how to configure that on this DrayTek. Can anyone point me in the right direction? Thanks in advance, Dirk

  Read the article

• How can I prevent OpenVPN from clobbering local route?

  - by ataylor

  I have a local network on 192.168.1.0 with netmask 255.255.255.0. When I connect to a VPN though OpenVPN (as a client), it pushes a route for 192.168.1.0 that clobbers the existing one, making my local network inaccessible. I don't to access anything on 192.168.1.0 on the remote machine; I'd like to just ignore it, while accepting the other routes that are pushed. My client is Ubuntu 10.10. How can I skip the one offending route?

  Read the article

• Route packets from one VPN to another

  - by Mike

  I have two OpenVPN servers (10.8.0.0 and 10.9.0.0) set up on my OpenSUSE server. Within one network, each computer is visible to any other one, but I'd like to make it so that computers are visible across networks. I'd like to route the packets like this: when a user (say 10.8.0.6) pings an address on the other VPN (10.9.0.6), the packets are routed to the 10.9.0.1 and then to the appropriate computer in this VPN. How do I achieve this using iptables or a different tool? I tried the commands at the end of this section with no avail.

  Read the article

• Limiting interface bandwidth with tc under Linux

  - by Matt

  I have a linux router which has a 10GBe interface on the outside and bonded Gigabit ethernet interfaces on the inside. We have currently budget for 2GBit/s. If we exceed that rate by more than 5% average for a month then we'll be charged for the whole 10Gbit/s capacity. Quite a step up in dollar terms. So, I want to limit this to 2GBit/s on 10GBe interface. TBF filter might be ideal, but this comment is of concern. On all platforms except for Alpha, it is able to shape up to 1mbit/s of normal traffic with ideal minimal burstiness, sending out data exactly at the configured rates. Should I be using TBF or some other filter to apply this rate to the interface and how would I do it. I don't understand the example given here: Traffic Control HOWTO In particular "Example 9. Creating a 256kbit/s TBF" tc qdisc add dev eth0 handle 1:0 root dsmark indices 1 default_index 0 tc qdisc add dev eth0 handle 2:0 parent 1:0 tbf burst 20480 limit 20480 mtu 1514 rate 32000bps How is the 256K bit/s rate calculated? In this example, 32000bps = 32k bytes per second. Since tc uses bps = bytes per second. I guess burst and limit come into play but how would you go about choosing sensible numbers to reach the desired rate? This is not a mistake. I tested this and it gave a rate close to 256K but not exactly that.

  Read the article

• Strange requests coming from Korean Site

  - by Jim Jeffers

  Lately I've been finding a lot of strange requests like this coming to my rails app: Processing ApplicationController#index (for 189.30.242.61 at 2009-12-14 07:38:24) [GET] Parameters: {"_SERVER"=>{"DOCUMENT_ROOT"=>"http://www.usher.co.kr/bbs/id1.txt???"}} ActionController::RoutingError (No route matches "/browse/brand/nike ///" with {:method=>:get}): It looks like it's automated as I get a lot of them and notice the strange parameters they're trying to send: _SERVER"=>{"DOCUMENT_ROOT"=>"http://www.usher.co.kr/bbs/id1.txt??? Is this something malicious and if so what should I do about it?

  Read the article

• BGP Multihomed/Multi-location best practice

  - by Tom O'Connor

  We're in the process of designing a new iteration of our network where we improve resilliency by adding a second datacentre. We'll be adding a second datacentre, with an identical configuration of servers as our primary location. To achieve network connectivity, we're looking into a couple of possible methods. See earlier questions http://serverfault.com/questions/86736/best-way-to-improve-resilience and http://serverfault.com/questions/101582/dns-round-robin-failover-and-load-balancing I'm pretty convinced that BGP is the right way to go about this, and this question is not about RRDNS. 1) If we have 2 locations, do we announce the same IP address block from both locations? 2) If we did this, but had a management ssh interface on x.x.x.50 from datacentre A, but it was on x.x.x.150 in datacentre B. What is the best practice mechanism for achieving this? Because if I were nearest to A, then all my traffic would go to x.50, but if i attempted to connect to x.150, I'd not be able to connect, because this address wouldn't be valid at A, but only at B. Is the best solution to announce 2 different netblocks, one at each location, facilitating the need for RRDNS, or to announce a single block, and run some form of VPN between the two sites for managment traffic?

  Read the article

• how to pass traffic for port 80 not through openvpn?

  - by moti

  Is there a way to configure OpenVPN clients to route traffic for HTTP port 80 and HTTPS port 443 directly (i.e. not through the VPN), but through the regular default gateway the clients have. All other traffic should go through the VPN. My client is running OpenVPN on Windows and my current configuration looks like this: client dev tun proto tcp remote my-server-2 1194 resolv-retry infinite nobind persist-key persist-tun ca ../keys/ca.crt cert ../keys/client1.crt key ../keys/client1.key ns-cert-type server verb 3 route-metric 1 show-net-up dhcp-renew dhcp-release route-delay 0 120 hand-window 180 management localhost 13010 management-hold management-query-passwords management-forget-disconnect management-signal auth-user-pass

  Read the article

• Dynamips and Tap Devices, To and From the same machine

  - by Kyle Brandt

  I am setting up a dynamips/dynagen lab and am wondering if there is any way to get traffic to route out one tap devices, go into the lab, and come back to a tap device on the same machine. I have tried host specific routes as well as removing the route created when I give the tun device an ip via ifconfig. With both of these, traffic always preferes the attached devices and won't go through my lab. Any way to make this work without a separate machine or vm?

  Read the article

• Sophos UTM in Hyper-V

  - by TheD

  So, I had a previous thread about this Virtualizing Firewalls/UTM. Essentially, I have configured what I think would work, but networking isn't my strong point! Two Virtual Adapters - with IP addresses 192.168.0.2 (External) and 192.168.0.3 (Internal) respectively. The External Adapater looks at 192.168.0.1 (my Zyxel) for it's default gateway. The Internal Adapter, 192.168.0.3, which is what the Sophos UTM listens on, has it's default gateway set to 192.168.0.2, the IP of the External Lan interface. So, PC (192.168.0.11, DHCP) --> (LAN) --> Switch --> 192.168.0.3 (Internal LAN Interface IP) --> Sophos UTM --> 192.168.0.2 (External LAN Interface IP) --> 192.168.0.1 --> Internet Would this be the correct setup, or am I completely out of the game here? Cheers!

  Read the article

• No external src ip in log files (my router ip appears instead)

  - by bongo_fury

  I recently retired my workhorse WRT54G router/AP in favor of a Linksys EA2700. Since then, all inbound traffic (bound to an Ubuntu 10.02 box running LAMP)logged to Syslog, Apache's error and access logs, etc. (all behind said router) is getting logged with a src ip of 192.168.1.1, that of the router's internal ip. For example, here is an old entry from apache's access.log: 74.82.68.20 - - [22/Feb/2011:10:14:34 -0600] "GET /assets/css/style.css HTTP/1.1" 304 154 "http://example.com/view.php?event_id=1" "BlackBerry8520/5.0.0.822 Profile/MIDP-2.1 Configuration/CLDC-1.1 VendorID/100" And here is one since switching the router: 192.168.1.1 - - [05/Oct/2012:21:29:25 -0500] "GET /somedir/print.css HTTP/1.1" 200 650 "http://example.com/somedir/" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1"** That first field is the problem. Each and every entry in every log shows an "external" IP of 192.168.1.1, which isn't very helpful. Any ideas? Much thanks from a n00b!

  Read the article

• OpenVZ multiple networks on CTs

  - by picca

  I have Hardware Node (HN) which has 2 physical interfaces (eth0, eth1). I'm playing with OpenVZ and want to let my containers (CTs) have access to both of those interfaces. I'm using basic configuration - venet. CTs are fine to access eth0 (public interface). But I can't get CTs to get access to eth1 (private network). I tried: # on HN vzctl set 101 --ipadd 192.168.1.101 --save vzctl enter 101 ping 192.168.1.2 # no response here ifconfig # on CT returns lo (127.0.0.1), venet0 (127.0.0.1), venet0:0 (95.168.xxx.xxx), venet0:1 (192.168.1.101) I believe that the main problem is that all packets flows through eth0 on HN (figured out using tcpdump). So the problem might be in routes on HN. Or is my logic here all wrong? I just need access to both interfaces (networks) on HN from CTs. Nothing complicated.

  Read the article

• Connect root domain name to dyndns?

  - by user36175

  Is there any way to connect the root of a domain name to a dyndns account? This question reveals how to get www.whatever.com to point to dyndns, but is there a way to get whatever.com itself to point to it? The domain is registered with GoDaddy if that matters.

  Read the article

• Problem linking two Cisco routers with a static route

  - by Chris Kaczor

  I'm trying to link two Cisco routers with a static route and I haven't been able to get it working as expected. Here is the basic setup: Router 1 - WRV210 - 192.168.1.1 - connected to cable modem Router 2 - RV120W - 192.168.2.1 I already have several machines on Router 1 that are working and I want to setup Router 2 with a few other machines on the different subnet. Here is what I've configured: Connected the WAN port on Router 2 to a LAN port on Router 1 Configured Router 1 to give 192.168.1.2 to Router 2 via DHCP Configured Router 1 with a static route (192.168.2.0 mask 255.255.255.0) to 192.168.1.2 using the LAN & Wireless interface Disabled the firewall on Router 2 (since it is covered by Router 1) Configured Router 2 to "Router" mode instead of "NAT" mode Configured Router 2 with a static route (192.168.1.0 mask 255.255.255.0) to 192.168.1.1 using the WAN interface From the research I've done I think that should be enough but things aren't working exactly as expected: Router 2 can ping 192.168.1.1 and 192.168.1.101 (a machine on router 1) A machine on Router 2 can ping 192.168.1.1 and 192.168.1.101 (a machine on router 1) ping 192.168.1.1 and 192.168.1.101 (a machine on router 1) Router 1 can NOT ping 192.168.2.1 or 192.168.2.101 (a machine on router 2) A machine on Router 1 can NOT ping 192.168.2.1 or 192.168.2.101 (a machine on router 2) can NOT ping 192.168.2.1 or 192.168.2.101 (a machine on router 2) Router 1 and a machine on Router 1 can ping 192.168.1.2 (Router 2 itself) I'm confused as to why Router 1 cannot talk to the 192.168.2.0/255.255.255.0 subnet. Any help would be greatly appreciated.

  Read the article

• OSX: Mimic Ubuntu IP Masquerading via iptables with ipfw

  - by Dogbert

  Good day, I am attempting to replicate a setup I have between a router and an Ubuntu PC, and have the same setup working on my MacBook (10.6, Snow Leopard). First, I have a router that has a USB port. When I plug it into my Ubuntu PC, it creates an RNDIS connection, allowing me to connect to the router over the USB cable via an IP connection. When I plug it into my computer via USB, it gets assigned an IP address of 172.16.84.1, and a new adapter appears when I type ifconfig. I can then SSH into the device via ssh [email protected]. When I log in to the device, I flush the routes, then create the default route: admin@localhost> route -f admin@localhost> route add default 172.16.84.2 Now, in my Ubuntu machine, I use iptables to enable IP masquerading: root@Valhalla> sudo iptables -t nat -A POSTROUTING -s 172.16.84.2 -j MASQUERADE Once this is all done, the router has internet access over the USB connection to my PC. I am trying to replicate this exact setup on my MacBook now (Snow Leopard), but iptables does not exist for OSX, not even a Macports version exists. I have scoured through other questions on StackOverflow that cover the usage of the ipfw command, which apparently works as a drop-in replacement for iptables. However, the syntax is significantly different, and I'm pretty much lost. Does anyone with some experience with ipfw have some suggestions on how I could accomplish this and create a NAT connection via IP masquerading like I could with my Ubuntu PC? Thank you for your assistance.

  Read the article

• UDP packets to IP addresses other than specific ones not arriving and not shown in Wireshark

  - by Max

  I'm writing a service using UDP, but I can't manage to reply to the client. When sending to the client via the DHCP-assigned IP (192.168.1.143) Wireshark shows no sent packets. The server receives and Wireshark shows any packet sent by the client (broadcasted). If I send to a random, unassigned IP Wireshark doesn't show it. I thought the NIC would happily send it, since there is a router in the way - shouldn't Wireshark show it, even though it cannot possibly be received by a remote endpoint? If I send to either the router IP or another (specific, there is only one other) computer, the packet is shown in Wireshark. I am running Windows 7, the firewall is turned off using the control panel. Does the fact that wireshark doesn't show these packets mean that they aren't sent? What reason could there be for showing packets to one IP, but not another, on the same subnet?

  Read the article

• VPN - force a selective range of ip to run on VPN (linux)

  - by Francesco

  Preface: I know there are similar question here and there however I'm a kind of newbie on Net stuff so I need an answer on this specific scenario, hoping that can help others too as it is a common problem Let say I cannot do anything on the local switch to change the local ip range, I don't want to use any complicate trick as use VMachine to hide the local ip range but I want to use net tools to solve the issue. Scenario my local net assign me an IP of this class 192.168.1.xxx (ex. 192.168.1.116) and my VPN (VPNC) assign me IP of same class 192.168.1.xxx (ex. 192.168.1.247) Obviously I need VPN to access local address (ex. 192.168.1.100) but when I open any address of the class 192.168.1.xx the route point to my local net and not to the VPN ones. I'm on linux and i'd like gui solution (network manager) in case it is not possible let play with route command. here what network manager offer me: Here my actual route once connected to the VPN: Here some route information (route -n) Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0 182.71.21.106 192.168.1.1 255.255.255.255 UGH 0 0 0 wlan0 182.71.21.106 192.168.1.1 255.255.255.255 UGH 0 0 0 wlan0 192.168.1.0 0.0.0.0 255.255.255.0 U 9 0 0 wlan0 192.168.1.246 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 Here my ifconfig : ppp0 Link encap:Point-to-Point Protocol inet addr:192.168.1.247 P-t-P:192.168.1.246 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1400 Metric:1 RX packets:3415 errors:0 dropped:0 overruns:0 frame:0 TX packets:2525 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:3682328 (3.6 MB) TX bytes:402315 (402.3 KB) wlan0 Link encap:Ethernet HWaddr 4c:eb:42:06:a3:a6 inet addr:192.168.1.116 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::4eeb:42ff:fe06:a3a6/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:72598 errors:0 dropped:0 overruns:0 frame:0 TX packets:42300 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:76000532 (76.0 MB) TX bytes:13919400 (13.9 MB) The Question So basically I would like to add a rule to force this particular address (192.168.1.100) on the VPN and not on my local net

  Read the article

• IPSEC tunnel Fortinet Transparent Mode to inside Fortinet firewall in NAT Mode does not respond to i

  - by TrevJen

  I have 2 fortinet firewalls (fully patched); fw1 is providing an IPSEC tunnel in transparent mode. beneath this firewall is a fw2, a NAT firewall with a VIP address that has been confirmed to work. This configuration is required for my customers who want to connect to a public address space inside of the tunnel, in order to prevent cross over in IP space. This configuration works great for traffic going outbound to the remote side of the tunnel, but not inbound. While sniffing the traffic, I can see the inbound traffic going out of the fw1, but it is never seen at the fw2. Cust Net > 10.1.1.100 | | | FW1 >TRANSPARENT IPSEC | | | FW2 EXT >99.1.1.1.100-VIP | FW2 NAT >192.1.1.100-NAT

  Read the article

< Previous Page | 94 95 96 97 98 99 100 101 102 103 104 105  | Next Page >