Firewall problems

Issues related to configuring your network
supertight
Posts: 171
Joined: 2017/02/07 21:47:51

Firewall problems

Post by supertight » 2018/02/27 21:35:25

My workstation is on subnet 172.16.0.0/22; servers are on subnet 192.186.1.0/24.
With the firewall off, I can ssh into the servers with no problem.
I set the firewall zone for eth0 to public and added the services SSH / HTTP. When I reload the firewall, I get locked out.

What the heck?

Is there something I should know about the firewall across subnets? The subnets are separated by a consumer-grade Cisco router (EA2700).
I know for sure the problem is in firewalld on the servers. It works when firewalld is off.

supertight
Posts: 171
Joined: 2017/02/07 21:47:51

Re: Firewall problems

Post by supertight » 2018/02/28 22:54:00

So, I'm using the wireless interface so I can set the machine right next to me while I configure, because I get locked out many times, because I'm a noob and make mistakes. The firewall seems to block everything when eth0 is up. If I use "ifdown eth0" and shut off the interface, like magic, the firewall lets me ssh into the wireless interface @ ".1.101".

I'm still testing other configs. I'll keep making notes here.

TrevorH
Site Admin
Posts: 33220
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Firewall problems

Post by TrevorH » 2018/02/28 23:32:17

Don't tell it to set the default route on both interfaces. Pick one and stick to it.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
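
A check for the condition the reply above warns about, added here as an example and not part of any post in the thread: it parses `ip route` output and flags a host that has more than one default route. The function names and the sample routing table (documentation addresses, two interfaces on one subnet) are constructed for illustration.

```shell
# Constructed sample of `ip route` output for a host with two interfaces on
# one subnet, each with its own default route (addresses are documentation
# placeholders, not taken from the thread).
SAMPLE_ROUTES='default via 192.0.2.1 dev eth0 proto static metric 100
default via 192.0.2.1 dev wlan0 proto static metric 600
192.0.2.0/24 dev eth0 proto kernel scope link src 192.0.2.2 metric 100
192.0.2.0/24 dev wlan0 proto kernel scope link src 192.0.2.101 metric 600'

# Print "<iface> <metric>" for every default route read from stdin.
# A route line without an explicit metric is reported with metric 0.
default_routes() {
    awk '$1 == "default" {
        dev = "?"; metric = 0
        for (i = 2; i < NF; i++) {
            if ($i == "dev") dev = $(i + 1)
            if ($i == "metric") metric = $(i + 1)
        }
        print dev, metric
    }'
}

# Return 0 when at most one default route is present, 1 otherwise.
check_default_routes() {
    routes=$(default_routes)
    count=$(printf '%s\n' "$routes" | awk 'NF { n++ } END { print n + 0 }')
    if [ "$count" -gt 1 ]; then
        echo "WARNING: $count default routes found (lowest metric wins):"
        printf '%s\n' "$routes" | sort -k2,2n |
            awk '{ print "  " $1 " (metric " $2 ")" }'
        return 1
    fi
    echo "OK: $count default route(s)"
    return 0
}

# On a live host: ip route | check_default_routes
printf '%s\n' "$SAMPLE_ROUTES" | check_default_routes || true
```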

supertight
Posts: 171
Joined: 2017/02/07 21:47:51

Re: Firewall problems

Post by supertight » 2018/03/01 02:04:19

TrevorH wrote: Don't tell it to set the default route on both interfaces. Pick one and stick to it.

I want to set the router forward to use eth0 (.1.2) to host http and use wlan0 (.1.101) to allow everything else originating from inside my network.

Will that work or do I need to re-think my strategy?

supertight
Posts: 171
Joined: 2017/02/07 21:47:51

Re: Firewall problems

Post by supertight » 2018/03/01 07:06:04

supertight wrote:
TrevorH wrote: Don't tell it to set the default route on both interfaces. Pick one and stick to it.

I want to set the router forward to use eth0 (.1.2) to host http and use wlan0 (.1.101) to allow everything else originating from inside my network.

Will that work or do I need to re-think my strategy?

I ran

Code:

$ ip route
$ ip route del ***.***.1.1

This removed the default route for eth0. Reboot and still locked out. I'm sure I did this wrong. Can you point me in the correct direction?
