Question about Networking with a Firewall that has 2 ethernet cards
I just built a firewall using Mandriva's multiple network firewall, version one. I have 2 ethernet cards in it and I am trying to make it dial into my DSL connection with one card and send the internet connection to the computers that are plugged into the other ethernet card. The other computers run through a D-Link router, and the firewall is also connected to the D-Link, but I don't know if there is something I am doing wrong. I don't know how to make the router itself just act as a switch, but I have been working on this for 2 weeks and I have read the firewall documentation and everything. Any information is appreciated. Also, I have the firewall to where it will connect to the internet; all that I am having a problem with is getting it to the point where my other ethernet card is set to send information rather than retrieve it, or however that works.
If you aren't going to use the firewall function of the D-Link, then disable that in its configuration. If your Linux box is going to serve DHCP, then disable that in the D-Link also; if you want the D-Link to provide DHCP, then keep it on. Basically, if you plug the output of your Linux box into the main numbered ports on the D-Link along with the other computers on the network, it will act as a switch. Do not use the WAN/DSL/cable/broadband port.
Yeah, that doesn't help. I am looking for a way to do it through Mandriva's multi network firewall, not through another operating system. Anyway, thanks for the URL, I am going to have to try that on one of my computers.
Ok, so I see that may be what I have to do. I tried it though and my stupid firewall won't let me open it now. Where it asked for allowable IP addresses I put like 192.168.0.1/25 or something like that. Is this wrong?
If you allow connections from 192.168.0.0/24, that means any IPs that start with 192.168 will be accepted. The /24 just means you use a 255.255.255.0 subnet mask.
So you can set your router to any IP that starts with 192.168,
but it can't end with a 0.
So set it to 192.168.0.1 or 192.168.1.1.
Going back to the top: if you want to make the router just a switch, you just plug all machines and the LAN-side NIC from the firewall into the LAN side of the router. If all LAN machines are statically assigned, then set up the router/switch LAN side to use an IP other than those of the LAN machines and the LAN NIC IP of the Linux firewall. Now point all LAN machines to use the LAN-side IP of the Linux firewall as the gateway.
Example
Wan x.x.x.x ( IP, Gateway, Subnet, DNS from provider)
Linux Firewall (Masqueraded)
Lan IP 192.168.0.1, subnet 255.255.255.0, No gateway defined
router lan side only connect lan from firewall and lan machines.
Set lan IP of router to say 192.168.0.100
Lan machine 1 IP 192.168.0.10, subnet 255.255.255.0, gateway 192.168.0.1, dns IP from provider.
Lan machine 2 IP 192.168.0.11, subnet 255.255.255.0, gateway 192.168.0.1, dns IP from provider.
Now, using a wireless router should not be any different. Just set its LAN IP again as 192.168.0.100 (this means not using the other router/switch). If wanting to use both, use 192.168.0.101 for the other. The WAN side of either does not matter. Only connect to the LAN side of the routers. You will probably need a crossover ethernet cable between both if used.
Just point all LAN machines and wireless machines to gateway 192.168.0.1. Use any IP in 192.168.0.* from 2-254, excluding 100-101, like Finlay mentions. You cannot use 0. You cannot use 1 since it is being used by the LAN side of the Linux firewall. 100 and 101 are the LAN IPs of the router and wireless router if one or both are used. 255 really should not be used because it is usually defined as the broadcast address, but in a full subnet it's not that big of a deal. Only when you use partial subnets does it help.
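
As an added example (not part of any post in this thread), the Python sketch below uses the standard `ipaddress` module to show which source addresses a firewall allow-list entry such as 192.168.0.0/24 or 192.168.0.1/25 actually covers, and checks the static LAN plan from the last reply for out-of-subnet, reserved or duplicate addresses. The device labels in `PLAN` and the function names are assumptions made for the example.

```python
import ipaddress

# LAN-side plan from the thread; the key names are labels added for this example.
PLAN = {
    "firewall-lan": "192.168.0.1",
    "router-lan": "192.168.0.100",
    "wireless-router-lan": "192.168.0.101",
    "lan-machine-1": "192.168.0.10",
    "lan-machine-2": "192.168.0.11",
}
GATEWAY = "192.168.0.1"

def describe(cidr):
    """Return (network, netmask, first host, last host, broadcast) for a CIDR."""
    # strict=False accepts an entry with host bits set, such as 192.168.0.1/25
    net = ipaddress.ip_network(cidr, strict=False)
    hosts = list(net.hosts())
    return (str(net), str(net.netmask), str(hosts[0]), str(hosts[-1]),
            str(net.broadcast_address))

def allowed(src, cidr):
    """True if source address src matches an allow-list entry written as cidr."""
    return ipaddress.ip_address(src) in ipaddress.ip_network(cidr, strict=False)

def check_plan(plan, cidr, gateway):
    """Return a list of problems in a static addressing plan for one LAN."""
    net = ipaddress.ip_network(cidr, strict=False)
    problems, seen = [], {}
    for name, addr in plan.items():
        ip = ipaddress.ip_address(addr)
        if ip not in net:
            problems.append(f"{name}: {addr} is outside {net}")
        elif ip in (net.network_address, net.broadcast_address):
            problems.append(f"{name}: {addr} is the network or broadcast address")
        if addr in seen:
            problems.append(f"{name}: {addr} already used by {seen[addr]}")
        seen.setdefault(addr, name)
    if gateway not in plan.values():
        problems.append(f"gateway {gateway} is not assigned to any device")
    return problems

if __name__ == "__main__":
    for cidr in ("192.168.0.0/24", "192.168.0.1/25"):
        print(cidr, "->", describe(cidr))
    for src in ("192.168.0.10", "192.168.0.200", "192.168.1.1"):
        print(src, "/24:", allowed(src, "192.168.0.0/24"),
              "/25:", allowed(src, "192.168.0.1/25"))
    print("plan problems:", check_plan(PLAN, "192.168.0.0/24", GATEWAY) or "none")
```

Running the check before saving an allow-list entry shows whether the management workstation's own address falls inside it.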