Hi Gents,
My VyOS config confuses me.
I've set the following on the VyOS:
br0   10.0.0.254/22     u/u
      172.16.0.100/24
eth0  192.168.0.101/24  u/u  MNGT-LINK (Management NIC)
eth1  -                 u/u  TEST-OUTBOUND-INT (Interface to Gateway)
eth2  -                 u/D  SPN-UPLNK (not used at the moment)
eth3  -                 u/u  SPN-BRIDGE
eth4  -                 u/u  SPN-BRIDGE
eth5  -                 u/u  SPN-BRIDGE
eth6  -                 u/u  DMZ-BRIDGE
eth7  -                 u/u  DMZ-BRIDGE
eth8  -                 u/u  DMZ-BRIDGE
eth9  -                 u/D  DMZ-UPLNK (not used at the moment)
The “SPN-BRIDGE” Ports represent the local internal Network where the Clients with IPs 10.0.0.x are connected.
The “DMZ-BRIDGE” Ports represent the local DMZ Network where an Authentication Gateway is present with IP Address 172.16.0.XXX for User Authentication from the Internet over HTTPS.
Both Networks are bridged in BR0 with the IP Addresses 10.0.0.254/22 and 172.16.0.100/24.
The outbound Interface is eth2 at the moment.
NAT is set to:
nat {
    source {
        rule 110 {
            destination {
            }
            outbound-interface eth1
            source {
                address 10.0.0.0/22
            }
            translation {
                address masquerade
            }
        }
    }
}
DNS is set to:
service {
    dns {
        forwarding {
            cache-size 0
            listen-on br0
            name-server 8.8.8.8
            name-server 8.8.4.4
            system
        }
    }
}
And the Gateway Address is:
gateway-address 172.16.0.254
which is the Firewall connected to the Internet.
Traffic which is coming from outside to inside is working fine.
The Problem is that the Clients with IP 10.0.0.X cannot connect (surf) to the internet; also, it's not possible to ping the Firewall / Gateway on IP 172.16.0.254.
A Ping on VyOS to Client IP Addresses and to the Authentication Server in the DMZ is possible.
Does anybody know where the issue can be?
Thanks in advance!