I have a fairly standard network set up with a Cisco router with a bunch of public IP addresses connected to a TMG Server Firewall (For the sake of anonymity lets say the public IP of the TMG server is 1.1.1.66 and the IP of the router is 1.1.1.65
We are in the process of setting up a branch office and I have succesfully set up another TMG server with a site-2-site VPN over a spare ADSL line we have in order to check everything works before sending it to the new office.
However, I'd like to mimic various network speeds and latencies to work out what size of connection we need in the branch office and so thought I'd put an Ubuntu Server in between the two and us tc to throttle the bandwidth.
Our ISP has changed the config on the Cisco router so one of the ports has a 172.16.0.1 / 255.255.255.0 VLAN and I have split this range into two 255.255.255.128 ranges and set up and Ubuntu Box to route between them with
- two NICS (72.16.0.2 / 255.255.255.128 and 172.16.0.202 / 255.255.255.128)
- enabled port forwarding in /etc/sysctl.conf
- added some simple config to iptables to log every packet
From the branch firewall and the main firewall I can ping both NIC IP addreses on the Ubuntu Router. And from the Ubuntu Router I can ping everywhere including the 1.1.1.x addresses However I can't ping the two firewalls from each other, its as if the packets aren't being forwarded. I can't seem to "cross" the ubuntu router.
I suspect its the way I've set up the two NICs with 255.255.255.128 masks but am not really a routing expert!
