Welcome, Guest. Please login or register.
Did you miss your activation email?
Thursday 05 December 2024, 02:19:41 pm

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  Firewall transparent
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Firewall transparent  (Read 7623 times)
bucrepus
Jr. Member
*
Offline Offline

Posts: 1


« on: Friday 16 July 2010, 03:11:19 am »

Is this firewall transparent (transparent mode or bridge), or is a NAT required? I thought about hooking it up between our corp lan gateway and workstations.
I tried to assign 172.18.6.2/24 and 172.18.6.1 GTWY  as the red and 172.18.6.3 as the green but it said they had to be on diff network segments. Any ideas?
Changing the GREEN to something else like 192.168.0.x and changing the workstations to this address scheme works but I need to leave the workstations on the 172.18.6.x network (transparent)

INTERNET /T1 ---   CORP GATEWAY (172.18.6.1)      ---   ENDIAN   --- SWITCH --- WORKSTATIONs (172.18.6.x)

Thanks
BUC
Logged
DFen
Full Member
***
Offline Offline

Posts: 46


« Reply #1 on: Saturday 17 July 2010, 10:58:53 pm »

Hi bucrepus

I think the issue here is that you need to route traffic through the firewall - thus red and green need to be on different subnets.

If the corporate gateway is 172.18.6.1 then the red subnet could be 172.18.6.0/30 with the red ip set to 172.18.6.2

If you need the remainder of the /24 to be on Green then you need multiple subnets defined on Green

172.18.6.4/30
172.18.6.8/29
172.18.6.16/28
172.18.6.32/27
172.18.6.64/26
172.18.6.128/25

You may be able to do this through the network->routing->static interface ( I havn't tried)
However it can be defined manually using "ip route" commands on device br0
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.063 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com