[Shorewall-users] Connectivity from "net" zone to system in the "dmz"

Tom Eastep teastep at shorewall.net
Thu Jul 10 23:58:54 PDT 2003

On Thu, 2003-07-10 at 14:43, Graeme Boyle wrote:
> Hello,
> I have a three interface firewall and used the three interface quick start
> guide. I am unable to connect to a system located in the DMZ from the
> Internet however, I am able to control access (changing ports/services on
> and off) from the local network to and from the same system in the DMZ. The
> error message I receive when trying to ssh from the Internet to the system
> in the DMZ is:
> [graeme at kaos graeme]$ ssh zeus.viisage.com
> ssh: connect to address port 22: Connection refused

I notice that isn't one of the IP addresses assigned to
eth0 -- is as close as you come.

I also notice an extremely strange masquerading entry for that IP

These features of your configuration are what I was referring to when I
noted that it was very hard for me to understand what you were trying to

Hope this helps...
Tom Eastep    \ Shorewall - iptables made easy
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net

