Hello guys, I made an account here because I tried everything and looked everywhere but nothing worked for me.
First, I’m quite a noob with network and english is not my first language, so please forgive me for any mistake on this post.
The scenario:
I have a bridge interface between two ports, ether2 and ether3 (ether1 is the connection to the internet).
This bridge has 4 subnet’s, Subnet A 10.0.0.0/26, Subnet B 10.0.0.64/26, Subnet C 10.0.0.128/26, and Subnet D 10.0.0.192/26.
The Firewall has all the defaults settings plus a few rules to drop packets like this:
- drop A → B
- drop B → A
- drop A → D
- drop D → A
- drop B → D
And has the rules to allow like that:
- allow A → C
- allow C → A
In terms of static routes, the default is applied, meaning:
- dst address: 10.0.0.0/26 | | gateway:bridge | | pref source: 10.0.0.1
- dst address: 10.0.0.64/26 | | gateway:bridge | | pref source: 10.0.0.65
- dst address: 10.0.0.128/26 | | gateway:bridge | | pref source: 10.0.0.129
- dst address: 10.0.0.192/26 | | gateway:bridge | | pref source: 10.0.0.193
Plus I added, just to be sure:
- dst address: 10.0.0.0/26 | | gateway:bridge
- dst address: 10.0.0.128/26 | | gateway:bridge
The problem:
For some reason, I can’t get to ping from a host on A to C or C to A, however I can ping from A to 10.0.0.64(gateway) and I from C to 10.0.0.0(gateway), what should I do to be able to ping from A to C and vice versa?
*I feel like is important to mention that all subnets have access to the internet and that access is working properly, and when I try to ping from A to C the rule on the firewall to allow the packets to go to C is incremented.