Isolating private networks?

MrUmunhum · 03-14-2010, 06:37 PM

Hi group,

Please forgive me for being dumb. I need to isolate two private networks. One of them is a VPN coming in from the outside. Like so:

Code:

Clients            Internet---+        Private Network
                              |
192.168.1.1-+                 |      + 172.16.1.1
            |                 |      | 
192.168.1.2-+-- OpenVPN -- Server -- + 172.16.1.2 
            |                        |
192.168.1.x-+                        + 172.16.1.3

I need to keep 172 network separate from the 192 network. Should I use iptables?? Or is there another way??

jefro · 03-14-2010, 06:52 PM

If you have two nic cards it ought to be separate by default. I hope I'm not wrong on that.

nimnull22 · 03-14-2010, 07:41 PM

172.168.1.1, 172.168.1.2, 172.168.1.3 - one network, it is not 3 different networks

192.168.1.1, 192.168.1.2, 192.168.1.x - as well one network.

So, can you please, tell more clearly, what do you want to separate from?

MrUmunhum · 03-14-2010, 09:56 PM

Quote:

Originally Posted by nimnull22

172.168.1.1, 172.168.1.2, 172.168.1.3 - one network, it is not 3 different networks

192.168.1.1, 192.168.1.2, 192.168.1.x - as well one network.

So, can you please, tell more clearly, what do you want to separate from?

I know that they are two networks. I want to keep the 192 network from accessing the 172 traffic, but stilll allow all users access to the internet.

I can't use two NICs because the 192 traffic is coming in on VPN from the internet.

I tried this:

iptables -A INPUT -s 192.168.0.0 -d 172.0.0.0 -j DROP

and am still testing not sure if it works or not just yet.