Title: Help with using EFW in a Virtual Lab - GREEN-ORANGE-BLUE zones
Post by: MJP on Wednesday 15 January 2014, 04:08:35 am

I want to use the EFW as a firewall router in my virtual home lab running on a VMware ESXi host.
This is my first time using the EFW appliance and I just wanted to get an idea of how I could configure the routing.

My lab design consists of 3 NICs: eth0 = 192.168.1.0/24 (GREEN Home Network), eth1 = (BLUE Server Network), eth2 = (ORANGE DMZ).

I'd like to be able to connect from my GREEN network to all VMs in the BLUE network and open up special ports like 443 only for traffic from the BLUE network to a VM in the ORANGE network.

Finally, I want to be able to access a VM in the DMZ zone from the internet using https: through my cable modem / WRT home router.

Any help on how to achieve this will be greatly appreciated.

PS. I tried to upload a JPG but I keep getting an error: "Error Has Occurred! The attachments upload directory is not writable. Your attachment or avatar cannot be saved."

Title: Re: Help with using EFW in a Virtual Lab - GREEN-ORANGE-BLUE zones
Post by: kikilinux on Friday 17 January 2014, 05:09:41 am

> I want to use the EFW as a firewall router in my virtual home lab running on a VMware ESXi host.
> This is my first time using the EFW appliance and I just wanted to get an idea of how I could configure the routing.
>
> My lab design consists of 3 NICs: eth0 = 192.168.1.0/24 (GREEN Home Network), eth1 = (BLUE Server Network), eth2 = (ORANGE DMZ).
>
> I'd like to be able to connect from my GREEN network to all VMs in the BLUE network and open up special ports like 443 only for traffic from the BLUE network to a VM in the ORANGE network.

The Green network has access to the blue network by default. In the Firewall menu, Inter-zone traffic submenu, you can deny traffic from green to orange by specifying the https service, and create a rule to open access to https from blue to orange.

> Finally, I want to be able to access a VM in the DMZ zone from the internet using https: through my cable modem / WRT home router.

For this purpose you can add a rule in port forwarding to NAT https traffic to the IP address of the VM, but before this you should add a rule on your home router to port forward https traffic to your Endian firewall appliance.

> Any help on how to achieve this will be greatly appreciated.
>
> PS. I tried to upload a JPG but I keep getting an error: "Error Has Occurred! The attachments upload directory is not writable. Your attachment or avatar cannot be saved."