Hi!
First at all sorry for my english. The problem is that I want to connect to subnets with different ranges between two green zones: Zone A (192.168.0.0) and Zone B (10.0.0.0), but I can 't do ping between these zones. If I change to red zone the zone B (10.0.0.0) i can do ping. Can anyone tell me how can I do to connect these zones without changing to red zone the zone B?
Hi,
Two green zones are isolate, one from another.
You have to create two firewall objects
And all all traffic between the two zone.
May i see the route table, please?
Are the 2 green zone are one the same NICs?
If not, don’t worry with the routes.
Go in the Firewall object:
After creating the two CIDR objets, go in the Firewall rules, to create a new one, to accept all traffic from the first CIDR objet to the second CIDR object.
An a second rule, to accept all traffic from the second CIDR objet to the first.
First at all thank for your answer. Each green zone are in different NICs. I’m going to try what you say.
I’ve created 2 firewall objects and the related firewall rules but i can’t do ping as before.
As far as i can remember there was a specific page for stating routing into nethgui…
review your network configuration, if you only have two green zones your route should only shows two directly attached networks, so
no 0.0.0.0 192.168.1.1 0.0.0.0
no 192.168.1.0 192.168.1.1 255.255.255.0
check the two networks are listed in trusted networks
do not create firewall zones unless you want overwrite default bahvoir and manually have to add all firewall rules
I’ve solved the problem changing my netmask from /24 (255.255.255.0) to /22 (255.255.252.0). Now I can connect the two green zones. Thank you so much for aid!
Still keeping Zone A in (192.168.0.0) and Zone B (10.0.0.0)? Or Zone B changed to 192.168.1.0?
If Zone B changed class, the change of netmask it’s a little workaround…
Because if there will be an hypothetical Zone C (192.168.199.0) this trick won’t save you…
I can’t realize a test scenario like yours for confirm what i’m assuming, but adding a route should be the right thing to do instead change to a wider netmask.
