| Anonymous | Login | Signup for a new account | 2013-05-20 06:57 CEST |  |
| Main | My View | View Issues | Change Log | Roadmap |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||||
| 0004342 | Endian Firewall | Network related (VPN, uplinks) | public | 2012-04-27 21:43 | 2012-11-14 19:03 | ||||||
| Reporter | cemendes | ||||||||||
| Assigned To | |||||||||||
| Priority | normal | Severity | major | Reproducibility | always | ||||||
| Status | acknowledged | Resolution | open | ||||||||
| Platform | OS | OS Version | |||||||||
| Product Version | 2.5 | ||||||||||
| Target Version | Fixed in Version | ||||||||||
| Summary | 0004342: Endian configured as a gateway redirects traffic through the default gateway even on the same network. | ||||||||||
| Description | Box A - IP 192.168.10.10 MAC 00:24:d7:94:d3:38 (Windows Client) Box B - IP 192.168.10.2 MAC 00:0c:29:0f:c8:56 (Endian 2.5.1) Box C IP 192.168.10.1 MAC 00:50:56:22:ca:c0 (Default Gateway) BOX B has only one interface and the virtual red interface is configured as a gateway pointing to BOX C. When I ping BOX B from BOX A, BOX B issues a ICMP redirects and send my connection through the BOX C. The gateway(also a firewall) is tolerant with ICMP packets. However, it is not very kind with other packets in the same situation as when I try to access Endian web interface, the firewall blocks the connection. Since the gateway is also a firewall, it thinks someone is spoofing the network and blocks the packets. This behavior is not correct since both BOX A and B are on the same network and must not rely on BOX C (default gateway) to communicate to each other. This issue was introduced on 2.5.1(perhaps 2.5, I haven't test it). I cannot reproduce this problem with 2.4.1 which works perfectly. Enclosed, you can find a lan trace taken on BOX A. | ||||||||||
| Tags | No tags attached. | ||||||||||
| Attached Files | |||||||||||
 Relationships |
|
 Relationships |
|
Notes |
|
|
(0007847) cemendes (reporter) 2012-04-27 21:56 |
I had to place the trace in a ftp website, since it was too big to attach here. ftp.novell.com/outgoing/icmp2-trace.pcap |
|
(0007978) lorenzo-endian (manager) 2012-07-31 13:28 |
hi cemendes, i would inform you that this bug has been resolved in the last enterprise packages... i hope we can release soon the fix for the community edition too.. one question, only because I am curious: do you use the community inside the Novell business network of just for personal testing? :) thanks a lot for reporting the issue and for supporting us! Lo |
|
(0008307) mtpcosta (reporter) 2012-11-14 17:30 edited on: 2012-11-14 17:36 |
Hi, I have the same problem. Is there a way to solve? Thanks, |
|
(0008308) cemendes (reporter) 2012-11-14 19:03 |
Thanks, Lorenzo. I work for Novell but, I use Endian at my home. :-) |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2012-04-27 21:43 | cemendes | New Issue | |
| 2012-04-27 21:56 | cemendes | Note Added: 0007847 | |
| 2012-05-18 14:41 | daniele-endian | Relationship added | child of 0004360 |
| 2012-07-31 13:28 | lorenzo-endian | Note Added: 0007978 | |
| 2012-07-31 13:28 | lorenzo-endian | Status | new => acknowledged |
| 2012-11-14 17:30 | mtpcosta | Note Added: 0008307 | |
| 2012-11-14 17:36 | mtpcosta | Note Edited: 0008307 | View Revisions |
| 2012-11-14 19:03 | cemendes | Note Added: 0008308 | |
|
Issue History |
| Copyright © 2000 - 2012 MantisBT Group |
 |