I can't connect two subnets in green zone

Angel_Guerrero_Marin (Angel Guerrero Marín (Wondo1996)) 2017-06-08 11:10:59 UTC #1

Hi!

First at all sorry for my english. The problem is that I want to connect to subnets with different ranges between two green zones: Zone A (192.168.0.0) and Zone B (10.0.0.0), but I can 't do ping between these zones. If I change to red zone the zone B (10.0.0.0) i can do ping. Can anyone tell me how can I do to connect these zones without changing to red zone the zone B?

Jim 2017-06-08 12:01:30 UTC #2

Hi,

Two green zones are isolate, one from another.

You have to create two firewall objects
And all all traffic between the two zone.

pike (Michael Kicks) 2017-06-08 12:04:32 UTC #3

May i see the route table, please?

Jim 2017-06-08 12:15:57 UTC #4

Are the 2 green zone are one the same NICs?

If not, don’t worry with the routes.
Go in the Firewall object:

After creating the two CIDR objets, go in the Firewall rules, to create a new one, to accept all traffic from the first CIDR objet to the second CIDR object.
An a second rule, to accept all traffic from the second CIDR objet to the first.

Angel_Guerrero_Marin (Angel Guerrero Marín (Wondo1996)) 2017-06-08 12:26:55 UTC #5

Here I paste my route table.
Thanks for answering.

Angel_Guerrero_Marin (Angel Guerrero Marín (Wondo1996)) 2017-06-08 12:33:04 UTC #6

First at all thank for your answer. Each green zone are in different NICs. I’m going to try what you say.

Angel_Guerrero_Marin (Angel Guerrero Marín (Wondo1996)) 2017-06-08 13:29:54 UTC #7

I’ve created 2 firewall objects and the related firewall rules but i can’t do ping as before.

pike (Michael Kicks) 2017-06-12 14:00:45 UTC #8

As far as i can remember there was a specific page for stating routing into nethgui…

paolo (Paolo) 2017-06-14 12:35:43 UTC #9

review your network configuration, if you only have two green zones your route should only shows two directly attached networks, so
no 0.0.0.0 192.168.1.1 0.0.0.0
no 192.168.1.0 192.168.1.1 255.255.255.0

check the two networks are listed in trusted networks

do not create firewall zones unless you want overwrite default bahvoir and manually have to add all firewall rules

Angel_Guerrero_Marin (Angel Guerrero Marín (Wondo1996)) 2017-06-14 14:02:41 UTC #10

I’ve solved the problem changing my netmask from /24 (255.255.255.0) to /22 (255.255.252.0). Now I can connect the two green zones. Thank you so much for aid!

pike (Michael Kicks) 2017-06-21 15:45:49 UTC #11

Still keeping Zone A in (192.168.0.0) and Zone B (10.0.0.0)? Or Zone B changed to 192.168.1.0?

If Zone B changed class, the change of netmask it’s a little workaround…
Because if there will be an hypothetical Zone C (192.168.199.0) this trick won’t save you…
I can’t realize a test scenario like yours for confirm what i’m assuming, but adding a route should be the right thing to do instead change to a wider netmask.