0

We have a so called "LAB"-Network(VLAN). The Switch and Firewall are configured to allow access from the ip 10.150.151.1 (Windows Client in LAB) and 10.150.151.10(Debian Client in LAB) to a mail gateway(10.100.15.3). Using the following Network-Configuration with Windows 8.1 I'm able to access the mail gateway:

IP address:      10.150.151.1 (or 10.150.151.10)
Default Gateway: 10.150.1.1
Netmask:         255.255.0.0

Using the following Network-Configuration with Debian(7) I'm not able to access the mail gateway:

auto eth0
iface eth0 inet static
address 10.150.151.1 (or 10.150.151.10) 
netmask 255.255.0.0
gateway 10.150.1.1

route -n on Debian:

Destination     Gateway         Genmask      Flags Metric Ref Use Iface
0.0.0.0         10.150.1.1      0.0.0.0      UG    0      0   0   eth0
10.150.0.0      0.0.0.0         255.255.0.0  U     0      0   0   eth0

traceroute 10.100.15.3 on Debian:

1 * * *
2 * * *
3 * * * (up to 30 * * *)

tracert 10.100.15.3 on Windows 8.1:

1 <1 ms <1 ms <1 ms 10.150.1.11
2  3 ms <1 ms <1 ms 10.100.15.3

What am I doing wrong? Like I wrote above I'm able to access the mail gateway with both (.1 and .10) IP's from Windows 8.1, but with Debian it won't work. Do I have to configure anything else ?

Esa Jokinen
  • 46,944
  • 3
  • 83
  • 129
SaintCore
  • 83
  • 2
  • 3
  • 8
  • Are you using the same network port when switching between the Win and Debian machine? If not, is the network port that the Debian machine is connected to configured correctly for the Lab VLAN? – ChadH360 Apr 21 '15 at 08:34
  • The Debian and Windows machines are connected to a unmanaged switch and from the unmanaged switch there is a connection to the LAB-Switch, which is configured for the VLAN "LAB". In short: Yes they use the same port. – SaintCore Apr 21 '15 at 08:41
  • Do you have any firewall settings in Debian? – Tero Kilkanen Apr 21 '15 at 09:35
  • Thanks for the additional info. Is the port on the managed switch configured to only be a member of the LAB vlan, or have you had to specify the VLAN on the Windows computer? If you have specified it on the Windows computer, try specifying VLAN membership on the Debian computer as well. There is info [here](http://www.slashroot.in/vlan-configuration-linux-nic-interface) regarding VLAN interfaces on Linux – ChadH360 Apr 21 '15 at 09:37
  • Incidentally, can the Windows machine ping the Debian machine and vice versa? – ChadH360 Apr 21 '15 at 09:39
  • The Port on the managed switch is configured to be a member of the LAB. No additional configuration was neccessary on the Windows machine. The Windows machine can ping the debian machine and the debian machine can also ping the Windows machine. – SaintCore Apr 21 '15 at 10:41
  • @TeroKilkanen What do you mean with that ? I haven't configured the firewall settings consciously. How can I check them ? – SaintCore Apr 21 '15 at 10:42
  • Please post the configuration for the LAB port on the managed switch (the one connected to your unmanaged switch). The behavior you're seeing resembles what you might see if port security (called MAC security by some vendors) were enabled on the port. – James Sneeringer Apr 21 '15 at 18:08
  • See my answer below :) – SaintCore Apr 23 '15 at 06:42

1 Answers1

0

I was able to figure out why it didn't worked.

Between the "LAB"-VLAN and the VLAN "DMZ" are a total of 5 Switches(SW 1-5). SW1 is connected to the unmanaged switch in the LAB VLAN and with all the other Switches(SW2-5). The MailGateway is connected to SW2-5.

The packages sent from the Windows Clients passed SW1 and SW2. The Packages from the Debian Clients passed SW1 and SW3 and the VLAN Lab wasn't configured for the ports of SW3. Once I configured them everything worked fine.

SaintCore
  • 83
  • 2
  • 3
  • 8