Greg Scott wrote: > I have 2 relevant interfaces. eth0 is external, eth1 is internal. My > internal LAN is 10.10.10.0/24. My External range is 1.2.3.0/27 (dummied > up). I have an H.323 videoconference device inside my internal LAN, but > at IP Address 1.2.3.11/27. (IP Address dummied up.) I want to proxy > ARP this device. > > My questions - was proxy ARP broken in the 2.4.27 days? Why doen't > tcpdump show me packets on both interfaces of the firewall? Am I > missing a setup ingredient someplace? Should the default GW on that > H.323 device be .2 (the firewall) or .1 (the Internet router)? Does > mixing NAT and proxy ARP create problems? Should I put the H.323 device > in its own little DMZ? > > Thanks > > - Greg Scott No, not broken; proxy ARP works fine in 2.4.25 - .32. You should have a look at Martin Brown's proxy ARP script http://yesican.chsoft.biz/lartc/proxy-arp.sh and its config file http://yesican.chsoft.biz/lartc/proxy-arp.conf but I bet the problem is rp_filter. -- gypsy _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
