EFW Support
System access question re: firewall access
xlancealotx (Full Member, Posts: 16)
System access question re: firewall access
« on: Saturday 10 April 2010, 11:01:22 pm »
I have an EFW in beta right now and am happy with the look, but I am wondering if I am missing something somewhere. If I have a /29 and 8 IPs have websites, I would like to make 1 rule to simply say allow http -> webserver1, webserver2, etc. w/o allowing port 80 to ALL servers.
Looking at the "System access configuration" page, it looks like there should be a 'destination' box as well. I can limit the source address, zone, etc., but there should be a place to add destination IPs, I would imagine, the same way all other FWs work.
If I have 10 IPs, for example, I would like to make a rule to say allow SSH from ONLY this IP (or zone, host, etc.) ONLY to THIS destination IP, and I just don't see that, so am I missing something obvious?
Thanks ...
Steve (Sr. Member, Posts: 108)
Re: System access question re: firewall access
« Reply #1 on: Saturday 10 April 2010, 11:26:52 pm »
A 'System Access' rule is a rule you create to access the Endian Firewall itself.
For example, if you wanted to access the Endian GUI from the internet you would create a System Access rule to allow port 10443.
What you want to do is a simple NAT (Network Address Translation) which directs traffic to an IP BEHIND Endian.
To create a rule go to Firewall > Port forward / NAT > Destination NAT.
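Added example, not part of the original posts and not Endian's own code: a small Python model of the distinction made in Reply #1, showing why a System access rule has no destination field while a Destination NAT rule does. It assumes the usual Linux netfilter order (destination NAT is evaluated before the firewall checks whether a packet is addressed to itself); all addresses and rule sets are constructed, and only port 10443 comes from the thread.

```python
# Added illustration, not Endian code: simplified model of how a netfilter-style
# firewall treats a new inbound TCP connection. All addresses are constructed.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Public addresses held by the firewall on its external (RED) side (constructed).
FIREWALL_IPS = {"203.0.113.1", "203.0.113.2", "203.0.113.3"}

@dataclass(frozen=True)
class Dnat:
    """Destination NAT rule: matches a public destination, sends it to a host behind."""
    src: str        # allowed source network
    public_ip: str  # destination address the client connects to
    dport: int
    target: str     # host behind the firewall that receives the traffic

@dataclass(frozen=True)
class SystemAccess:
    """System access rule: no destination field, the destination is the firewall itself."""
    src: str
    dport: int

DNAT_RULES = [
    Dnat("0.0.0.0/0", "203.0.113.2", 80, "10.0.0.11"),      # HTTP -> webserver1 only
    Dnat("0.0.0.0/0", "203.0.113.3", 80, "10.0.0.12"),      # HTTP -> webserver2 only
    Dnat("192.0.2.50/32", "203.0.113.2", 22, "10.0.0.11"),  # SSH: one source, one destination
]
SYSTEM_ACCESS_RULES = [SystemAccess("192.0.2.50/32", 10443)]  # GUI from one admin host

def decide(src, dst, dport):
    """Return (verdict, final_destination) for a connection arriving from outside."""
    source = ip_address(src)
    # Step 1: destination NAT is checked first and may rewrite the destination.
    for rule in DNAT_RULES:
        if dst == rule.public_ip and dport == rule.dport and source in ip_network(rule.src):
            return "forwarded", rule.target
    # Step 2: untranslated traffic addressed to the firewall hits the system access rules.
    if dst in FIREWALL_IPS:
        for rule in SYSTEM_ACCESS_RULES:
            if dport == rule.dport and source in ip_network(rule.src):
                return "system_access", dst
    return "dropped", dst  # default deny: no rule matched
```

In this model port 80 reaches only the two listed web servers, and SSH reaches one host from one source, which is the per-destination restriction asked for in the first post.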
xlancealotx (Full Member, Posts: 16)
Re: System access question re: firewall access
« Reply #2 on: Monday 12 April 2010, 02:35:12 am »
Ah, ok. Basically the current setup is:
ISP -> FW -> 3 subnets
|--> public /29 - few random things specific to customers
|--> public/29 -> Load Balancer -> webservers
|--> private/24 for management functions
## Edited ##
Sorry, I had a brain hiccup. Basically my red zone will be my ISP's IP, but behind that I will have the above 2 publicly accessible networks as well as a private management network (a normal 10.x), which will be my 'green' zone. Looking at the network wizard, I would try to guess and say the red would be my external IP from my ISP; I would then say I would need 2 orange zones, if that's possible, as well as my management green zone, right? The wizard does say # of interfaces 4, but I am not sure how to proceed. As I thought, I could do a single orange, make it a /28 so both networks pass through that, and get a switch in between the 2 public networks, but basically is there a way to have 3 reds (ISP and 2 publics) or a red and 2 oranges?
Thanks