LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Home network setup with network firewall/router (http://www.linuxquestions.org/questions/linux-networking-3/home-network-setup-with-network-firewall-router-278674/)

Gates1026 01-16-2005 09:49 PM

Home network setup with network firewall/router
 
Right now I have a home network setup with a dsl router forwarding all ports to a single linux machine. I want all windows machines to also have a firewall protecting them so I would like to setup a dual homed machine to act as a dhcp gateway and a firewall/router.

Here is my question:

To do this, how do I configure the dsl router? Do I assign my router to forward all ports to the firewall and have the firewall have a non-routable ip address? This would have the packets NAT translated twice instead of once. The router must login to a server with a username and password so I cannot get rid of it. How do most people deal with this? Thanks for the advice in advance!

Dommy 01-16-2005 11:55 PM

You have pretty much answered your own question.

1. Leave the dsl router as is , let itdo its own thing.
2. linux box acts as dhcp server and dns server and firewall
3. point windows boxes at linux box

I had a similar setup except that my linux box had to dial-up my ISP

Gates1026 01-17-2005 06:04 AM

Thank you for your reply!

One of the questions that I really had was this:

Can the firewall/dhcp server take the routable ip address or does it need to take a private ip address for its outside connection? I assume that the router and the firewall cannot take the same ip address. I know that the router must login to the isp server with a username and password. So does my firewall have a connection:

1. eth0 - outside ip address public (ex: 63.x.x.x)
eth1 - inside ip address private (192.168.0.1)

or

2. eth0 - outside ip address private (10.0.0.2)
eth1 - inside ip addresss private (192.168.0.1)

Dommy 01-17-2005 07:26 PM

2. eth0 - outside ip address private (10.0.0.2)
eth1 - inside ip addresss private (192.168.0.1)

Correct answer. Your modem handles the external assigned ip address , it has an internal local address to which you connect eth0 , your firewall is set up to route all traffic from your eth1 intranet (192.168.0) network to eth0 after processing thru the firewall rules. Should all work :)

Now comes the tricky part, setting up the firewall. Don't forget to make your firewall accessible to your intranet if don't want to havea seperate screen attached to it.

GUIPenguin 01-17-2005 08:26 PM

if you looking into setting up or using a linux box as a firewall/router I would look into IPcop or Smoothwall
http://www.ipcop.org/

one of the best firewalling/routing distros as is smoothwall each give you intrustion detection/routing/dhcp/firewall/logging/traffic graphs..etc

ipcop 1.4 is the newest, and is very good at detecting network cards, step by step menu sets up your system and all adminstration is done through web gui 192.168.0.1:81



All times are GMT -5. The time now is 05:25 PM.