EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Wednesday 27 November 2024, 12:48:04 am
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
Visit the official Endian Community Mailinglist
HERE
14261
Posts in
4377
Topics by
6517
Members
Latest Member:
Sandro
Search:
Advanced search
EFW Support
Support
General Support
How to create VLANs and protecting them with firewall
0 Members and 1 Guest are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: How to create VLANs and protecting them with firewall (Read 13499 times)
kblocat
Jr. Member
Offline
Posts: 2
How to create VLANs and protecting them with firewall
«
on:
Tuesday 06 November 2012, 04:37:23 am »
Good afternoon. I'm searching since last week a way to create 4 subnets in the green zone and then restrict access between them with firewall rules.
Unfortunately I did not find a documentation or a response on the forums.
I added the VLANS through the menu, but there is no option to assign an IP address to the VLANs, VLAN can only associate to a zone, and I added the 4 in the green zone.
I need to add IP addresses to a VLAN in Endian? Where should I add these addresses?
After creating VLANs, they appear no address. How do the rules and routes if they have no address?
Can anyone help me?
I created this scenario with 4 VLANS on DEBIAN Squeeze and work, why not work in Endian?
Thanks in advance.
Logged
lokutus25
Jr. Member
Offline
Posts: 8
Re: How to create VLANs and protecting them with firewall
«
Reply #1 on:
Wednesday 07 November 2012, 01:26:43 am »
That's a good question. I tried to add a vlan to my green zone. I ended up closing myself out of the Webgui. I had to recover via CLI console.
No other documentation as for QoS, except the manual.
Logged
kblocat
Jr. Member
Offline
Posts: 2
Re: How to create VLANs and protecting them with firewall
«
Reply #2 on:
Thursday 08 November 2012, 08:18:33 am »
I think I asked the question whose answer would cost one million dollars
. I'm still looking for answers to my question in other discussion groups, but still not getting success
.
Logged
vazromju
Jr. Member
Offline
Posts: 5
Re: How to create VLANs and protecting them with firewall
«
Reply #3 on:
Thursday 29 November 2012, 09:50:59 am »
Me too.
I have activated notifications to this post to see if someone has a solution that will be very very welcome
Logged
gkos
Jr. Member
Offline
Posts: 8
Re: How to create VLANs and protecting them with firewall
«
Reply #4 on:
Friday 30 November 2012, 04:50:32 am »
When you create VLANs and assign them to a zone, they are joined in a bridge.
You can configure bridge interface in System > Network Configuration and assign multiple IPs to this bridge.
bear in mind that since it is a bridge, the traffic from one vlan would flow freely to another.
What I am looking into right now is how to isolate the traffic in a bridge and stop intervlan communication. Sems like have to use ebtables to filter on the L2. I will post the solution if I find one here.
The real question is where to put the custom rules, so every time the fw is reinitiated they get executed.
Logged
LuizAngioletti
Jr. Member
Offline
Posts: 1
Re: How to create VLANs and protecting them with firewall
«
Reply #5 on:
Friday 28 December 2012, 06:54:51 am »
Hello there!
I've had a similar problem. This is the way I solved it:
1) I did have to use VLANs, so I configured them in my Host OS (endian is running as a VM).
2) Every VLAN in the host is offered to the vm as a "real" connection
3) Every connection has a different zone:
3.1) The uplink is in the RED zone
3.2) The first subnet in the GREEN zone
3.3) The second subnet in the ORANGE zone
3.4) The third subnet in the BLUE zone
4) Adjusted the firewall rules for ORANGE and BLUE zones, so they would work as 'green' zones.
Hope it helped.
Logged
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.109 seconds with 18 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com