Hi, I'm quite new for Astaro. Sorry if I'm asking stupid questions. The situation is somehow i had never faced before, i need to deploy ASG into a environment, whereby it needs to be located behind another firewall (let said firewall C) which is not managed by us.
As the network diagram attached, the ASG need to be placed behind firewall C in order to filter the packets, and monitor the user traffic from LAN A (which is network 192.168.1.x/24). We have to connect the WAN port from ASG to the Internal port of Firewall C (192.168.1.1). The internal port of Firewall C serves as gateway for LAN A.
So, i have tried to setup the interface for ASG as below:
eth0 internal
interfaces type :ethernet standard
IP:192.168.1.10
eth1 WAN
interfaces type :ethernet standard
IP:192.168.1.11
GW:192.168.1.1
Firewall
any to any (for testing purpose)
Global ICMP settings
all options were checked
however, when i tried to ping to the gateway(192.168.1.1), it shows destination unreachable. Even though i tried to ping from ASG itself to the gateway, it also shows destination unreachable. I tried to did a traceroute, the packet somehow stopped at eth1, and couldn't forward to the gateway.
Did i need to do certain routing at the ASG itself? Or is there any other configurations that i missed out? Hope some one could give me a little advise on this...thanks...
As the network diagram attached, the ASG need to be placed behind firewall C in order to filter the packets, and monitor the user traffic from LAN A (which is network 192.168.1.x/24). We have to connect the WAN port from ASG to the Internal port of Firewall C (192.168.1.1). The internal port of Firewall C serves as gateway for LAN A.
So, i have tried to setup the interface for ASG as below:
eth0 internal
interfaces type :ethernet standard
IP:192.168.1.10
eth1 WAN
interfaces type :ethernet standard
IP:192.168.1.11
GW:192.168.1.1
Firewall
any to any (for testing purpose)
Global ICMP settings
all options were checked
however, when i tried to ping to the gateway(192.168.1.1), it shows destination unreachable. Even though i tried to ping from ASG itself to the gateway, it also shows destination unreachable. I tried to did a traceroute, the packet somehow stopped at eth1, and couldn't forward to the gateway.
Did i need to do certain routing at the ASG itself? Or is there any other configurations that i missed out? Hope some one could give me a little advise on this...thanks...