On Mon, Jun 13, 2011 at 19:30, Ljubomir Ljubojevic <office at plnet.rs> wrote: > > m.roth at 5-cent.us wrote: > > Les Mikesell wrote: > >> On 6/13/2011 1:02 PM, m.roth at 5-cent.us wrote: > >>> We just went to replace the bridge/firewall services one one server with > >>> the same on another. It's pretty simple, and I literally cloned (w/ > >>> rsync) a third server that does this onto the one that will be the new > >>> one.Then > >>> copied the /etc/sysconfig/iptables from the one being replaced, and > >>> brought it up this morning. > >>> > >>> Nope. We had to put everything back the way it was. > >>> > >>> The new one sees the two or three servers behind the firewall, and we > >>> can ping them, from the new box. On one, we see IPP broadcasts; in fact, > >>> we > >>> see lots of broadcast packets using tcpdump. From outside, though, you > >>> can't see the servers. Trying to ping them, they see nothing. It seems > >>> to be the case that tcp and icmp packets are blocked, and we can't figure > >>> out why. Maybe some router or switch has your old mac address forced (or kind of static). Can you reboot them? (or contact your ISP to know for sure?) -- Marcelo "¿No será acaso que ésta vida moderna está teniendo más de moderna que de vida?" (Mafalda)