I've set up a dmz for our wireless clients. My packet filter rules are as follows. Reject traffic coming from lan to dmz and reject traffic coming from dmz to lan. However when a vpn connection is establsihed from a dmz client I give the ipsec pool full access to lan resources. My problem is I can't ping the domain controllers. I can ping various xp clients and member servers but no domain controllers. I'm using an astaro linux firewall for this implementation.
www.astaro.com

I've set up a dmz for our wireless clients. My packet filter rules are as follows. Reject traffic coming from lan to dmz and reject traffic coming from dmz to lan. However when a vpn connection is establsihed from a dmz client I give the ipsec pool full access to lan resources. My problem is I can't ping the domain controllers. I can ping various xp clients and member servers but no domain controllers. I'm using an astaro linux firewall for this implementation.
www.astaro.com


I assume that you are pinging by the IP address correct?

Can you ping any other servers or comps on the internal Lan?

Is there a firewall with ICMP turned off?

spyder0552 dude! you gotta read the whole post before replying

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

were you able to ping the DC b4 the filters were applied???

Check VPN settings