Hello , thank you for your answer. ad1. i send my current firewall rules and record from tcpdump on re0 . My LAN is 172.16.0.0/22 (10... it was easy. I think it does not matter) My second LAN is 192.168.1.0/24(on this network connection to the IMAP port 993 works) My public IP is 86.49.91.98 ad2. Tcpdump on rl0 shows nothing ad3. Yes . I have gateway_enable="YES" in /etc/rc.conf ad4. I think yes... PS : Firewall is not my work . I inherited it. Thank you very much Petr Chocholac Dne 24.8.2015 v 15:39 Allan Jude napsal(a): > On 2015-08-24 09:05, Petr Chocholáč wrote: >> Hello, >> >> I would like to ask you for advice. I can not connect to imap.gmail.com >> on port 993 from my local network. My LAN is behind freeBSD server with >> IPFW. Server has two network cards rl0=Internet and >> re0=LAN(10.0.0.0/16). Tcpdump on re0 shows three SYN packets without >> answers. What rules should i create? >> >> I tried someting like this, without success: >> #ipfw add 01500 allow ip from 10.0.0.0/16 to any in via re0 >> >> >> >> Thank you very much for any advice and your patience >> >> Petr Chocholáč >> Brno, Czech Republic >> >> _______________________________________________ >> freebsd-current_at_freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-current >> To unsubscribe, send any mail to "freebsd-current-unsubscribe_at_freebsd.org" > We would need to see all of your current firewall rules (ipfw show) > > You'll want to tcpdump on rl0, to see if the packet is being forwarded. > > Do you have the machine configured as a gateway? (gateway_enable="YES" > in /etc/rc.conf) > > Are you doing NAT (Network Address Translation) to remap the internal > (10.0.0.0/16) addresses to your internet routable IP? >
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:59 UTC