Welcome, Guest. Please login or register.
Did you miss your activation email?
Sunday 22 December 2024, 11:10:26 pm

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14262 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  How to create VLANs and protecting them with firewall
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: How to create VLANs and protecting them with firewall  (Read 14260 times)
kblocat
Jr. Member
*
Offline Offline

Posts: 2


« on: Tuesday 06 November 2012, 04:37:23 am »

Good afternoon. I'm searching since last week a way to create 4 subnets in the green zone and then restrict access between them with firewall rules.
Unfortunately I did not find a documentation or a response on the forums.
I added the VLANS through the menu, but there is no option to assign an IP address to the VLANs, VLAN can only associate to a zone, and I added the 4 in the green zone.
I need to add IP addresses to a VLAN in Endian? Where should I add these addresses?
After creating VLANs, they appear no address. How do the rules and routes if they have no address?
Can anyone help me?
I created this scenario with 4 VLANS on DEBIAN Squeeze and work, why not work in Endian?
Thanks in advance.
Logged
lokutus25
Jr. Member
*
Offline Offline

Posts: 8


« Reply #1 on: Wednesday 07 November 2012, 01:26:43 am »

That's a good question. I tried to add a vlan to my green zone. I ended up closing myself out of the Webgui. I had to recover via CLI console.
No other documentation as for QoS, except the manual.
Logged
kblocat
Jr. Member
*
Offline Offline

Posts: 2


« Reply #2 on: Thursday 08 November 2012, 08:18:33 am »

I think I asked the question whose answer would cost one million dollars Grin. I'm still looking for answers to my question in other discussion groups, but still not getting success Cry.
Logged
vazromju
Jr. Member
*
Offline Offline

Posts: 5


« Reply #3 on: Thursday 29 November 2012, 09:50:59 am »

Me too.
I have activated notifications to this post to see if someone has a solution that will be very very welcome  Grin
Logged
gkos
Jr. Member
*
Offline Offline

Posts: 8


« Reply #4 on: Friday 30 November 2012, 04:50:32 am »

When you create VLANs and assign them to a zone, they are joined in a bridge.
You can configure bridge interface in System > Network Configuration and assign multiple IPs to this bridge.

bear in mind that since it is a bridge, the traffic from one vlan would flow freely to another.

What I am looking into right now is how to isolate the traffic in a bridge and stop intervlan communication. Sems like have to use ebtables to filter on the L2.  I will post the solution if I find one here.

The real question is where to put the custom rules, so every time the fw is reinitiated they get executed.



Logged
LuizAngioletti
Jr. Member
*
Offline Offline

Posts: 1


« Reply #5 on: Friday 28 December 2012, 06:54:51 am »

Hello there!

I've had a similar problem. This is the way I solved it:

1) I did have to use VLANs, so I configured them in my Host OS (endian is running as a VM).
2) Every VLAN in the host is offered to the vm as a "real" connection
3) Every connection has a different zone:
3.1) The uplink is in the RED zone
3.2) The first subnet in the GREEN zone
3.3) The second subnet in the ORANGE zone
3.4) The third subnet in the BLUE zone
4) Adjusted the firewall rules for ORANGE and BLUE zones, so they would work as 'green' zones.


Hope it helped.
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.094 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com