Hello-
I am in the process of setting up my first pf box. I am embarrassed to
say that I am having trouble even getting past the networking portion of
my network. The box I am configuring is going to be between my cable
modem and my wireless router....so this is where my issues are coming
from. I cannot seem to get the routers to talk to each other, except
in one instance, which I talk about below. Here is a diagram of the network:
Internet<----> (-Cable Modem- 24-52-224-246)/ hme0 (-pf box-)
rl0/192.168.1.1 <---------> 192.168.1.2(-Linksys WRT55G-)
192.168.69.1 .oO)) 192.168.69.50(wireless client(MAC OS X))
Ok, I hope that this will help more than hinder.
* I can communicate to the Internet from the pf box.
* I cannot ping the outside interface of the linksys(192.168.1.2) from
the pf box.
* I cannot ping the inside interface(192.168.1.1) of the pf box from the
MAC OS X(192.168.69.50)
* I can ping the outside interface(192.168.1.2) of the linksys from the
MAC OS X(192.168.69.50)
***so basically the two routers are not talking
-The pf box is set up with:
net.inet.ip.forwarding=1
-and in pf.conf:
pass in log all keep state
pass out log all keep state
It seems that the routing tables would be incorrect, but I _think_ they
are ok.
***Routing table on _pf box_
/root $netstat -r
Routing tables
Internet:
Destination        Gateway            Flags  Refs    Use    Mtu  Interface
default            24-52-224-gate.knt UGS       9  38937      -  hme0
24.52.224/23       link#1             UC        1      0      -  hme0
24-52-224-gate.knt 0:50:57:1:37:2     UHLc      1      0      -  hme0
24-52-224-246.kntn localhost          UGHS      0      0  33192  lo0
loopback           localhost          UGRS      0      0  33192  lo0
localhost          localhost          UH        2      2  33192  lo0
192.168.1/24       link#2             UC        2      0      -  rl0
192.168.1.1        0:50:22:84:dc:6f   UHLc      0      4      -  lo0
192.168.1.2        0:13:10:e:83:3c    UHLc      1    277      -  rl0
192.168.69/24      link#2             UCS       1      0      -  rl0
192.168.69.50      link#2             UHLc      0      5      -  rl0
BASE-ADDRESS.MCAST localhost          URS       0      0  33192  lo0
******Notice that the MAC address of the linksys WRT55G(192.168.1.2) is
in the routing table even though I cannot ping it.(Does this tell me
something?)
******Also notice that I tried pinging my MAC OS X box(192.168.69.50)
from the pf box before I pasted the output of netstat -r. No success.
**Routing table on the Linksys WRT55G
Destination LAN IP  Subnet Mask    Gateway      Interface
192.168.69.0        255.255.255.0  0.0.0.0      LAN & Wireless
192.168.1.0         255.255.255.0  0.0.0.0      WAN (Internet)
0.0.0.0             0.0.0.0        192.168.1.1  WAN (Internet)
***The firewall is turned off on the Linksys router. Will this router
just route traffic and let everything pass?
One interesting thing. I can connect to the pf box(192.168.1.1) from
the MAC OS X(192.168.69.50) via ssh. This connection takes a very long
time to establish though. Almost like it was a dns timeout but it is
not. I know this because I put this in the sshd_config of the pf box to
make sure.....UseDNS no. I cannot ping or connect to anything one hop
beyond the pf box out on the Internet from the MAC OS X box.
Is there something _obvious_ here that I have not done or am overlooking?
I really think that the linksys router is the thing that is odd here.
If it was a Cisco router, I think it would be much easier. I can't
even log on to the linksys and ping or traceroute anything. If anyone
has a suggestion, I would appreciate it.
-Bob