Patricio Bruna V.-2 wrote:
What problems do you have with statict routing?
ok Here is the network diagram
Internet
|
|
IP_A
[EFW]
ip_a
|
|
LAN_A
|
|
[cisco router]
|
|
LAN_B
|
|
ip_b[PC1]
1.I want to make PC1 be able to connect to the internet via EFW
2.I added the route for reaching LAN_B on EFW
3. I added the default route for accessing the internet on cisco router.
4.I added firewall policy which allows nods on LAN_B accessing the internet
5. The nodes on LAN_A could reach the internet.
6.I could ping EFW/ip_a from PC1
7. I also could ping PC1 with source ip EFW/ip_a
8. But I could not ping IP_A and other ip addresses in the internet from PC1
9.I used command tcpdump to observe icmp packets while I ping from PC1 to internet ip. there are always two related packets like below
ICMP reply Destination -> IP_A
ICMP reply Destination -> ip_b
compare with ping from nodes on LAN_A , there's no 2nd ICMP reply packet.
thanks for help
