> -----Original Message-----
> From: centos-bounces at centos.org
> [mailto:centos-bounces at centos.org] On Behalf Of Marcus Moeller
> Sent: Tuesday, February 10, 2009 1:19 PM
> To: CentOS mailing list
> Subject: Re: [CentOS] iptables: forwarding on internal device

> I now begin to wonder if it's a routing issue and backroute problem as
> the response package may come from a different MAC address:
>
> LAN1 -> LINUX_ROUTER -> LAN2
>
> Response:
>
> LAN2 -> CORE-ROUTER(with LINUX_ROUTER as default Gateway) ->
> LINUX_ROUTER | BLOCKED | LAN1
>
> This may be the case as the CORE-ROUTER was not part of the network in
> good ol' slacky times.

----

You do have all your Routes Defined on all machines and routers?
Last, does that machine in question have its routes defined on it "route 10.x.x.x/x"?

Only other thing you can do is start from scratch.
Save all your rules and add them one at a time.
If you can't have it off the network, reduce the rules to a bare minimum.

Are the switches configured correctly?

JohnStanley