Two networks together - not working using blue zone and green zone
Topic: Two networks together - not working using blue zone and green zone (Read 10377 times)
mikesilvers (Jr. Member, Posts: 1) on: Friday 30 September 2011, 06:39:58 am
This should be a basic issue, but it has been giving me trouble for the last week. I have two subnets and two Endians. I would like to connect the two subnets, but allow each subnet to have their default gateway as they have different internet providers. The network information is as follows:
Network A: 10.25.1.0/24
Default GW: 10.25.1.2
Endian A: two network cards - red zone for the internet, green zone for the LAN
Red Zone IP: <external IP>
Green Zone IP: 10.25.1.2
Endian A routing table:
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
default         *               255.255.255.128 U         0 0          0 eth0
<IP removed>    *               255.255.255.128 U         0 0          0 eth0
10.25.2.0       10.25.1.219     255.255.255.0   UG        0 0          0 br0
10.25.1.0       *               255.255.255.0   U         0 0          0 br0
default         <removed>       0.0.0.0         UG        0 0          0 eth0
There are only two Port Forwarding/NAT rules for this Endian. Both rules are bound to the main uplink to allow traffic in to a specific machine on the 10.25.1.0 subnet. There are no other firewall rules on this machine. No other firewalls are in use (outgoing, inter-zone, etc.).
Network B: 10.25.2.0/24
Default GW: 10.25.2.2
Endian B: three network cards - one red zone, one green LAN, one blue zone
Red Zone IP: <external IP>
Green Zone IP: 10.25.2.2
Blue Zone IP: 10.25.1.219
Endian B routing table:
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
default         *               255.255.255.224 U         0 0          0 eth1
<IP removed>    *               255.255.255.224 U         0 0          0 eth1
10.25.2.0       *               255.255.255.0   U         0 0          0 br0
10.25.1.0       *               255.255.255.0   U         0 0          0 br2
default         <removed>       0.0.0.0         UG        0 0          0 eth1
This machine has two rules in the Port Forwarding/NAT firewall section binding to the uplink. The rules allow external communications with a server on the 10.25.2.0 subnet. There are no rules in the outgoing or VPN firewalls. There are rules in the inter-zone firewall and the system firewall.
The inter-zone firewall rules:
10.25.2.0/24-->10.25.1.0/24 any service allow
10.25.1.0/24-->10.25.2.0/24 any service allow
10.25.1.0/24-->10.25.1.0/24 any service allow
10.25.2.0/24-->10.25.2.0/24 any service allow
The system firewall rules:
10.25.1.0/24 <ANY> TCP/10443
10.25.1.0/24 <ANY> TCP/22
10.25.1.0/24 <ANY> TCP+UDP/161:162
Any ideas on what may be going on here? I can't communicate (ping, http, any protocol) between 10.25.1.0 and 10.25.2.0.....
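Added example, not part of the thread: a small path tracer that applies longest-prefix matching to the private routes in the two posted tables and reports which firewall forwards each direction of a 10.25.1.0 <-> 10.25.2.0 conversation. It assumes hosts use only the default gateway listed for their network; the host addresses 10.25.1.50 and 10.25.2.50 and the `UPLINK` placeholder for the redacted gateways are constructed.

```python
import ipaddress

# Private routes transcribed from the two posted tables: (prefix, gateway, iface).
# The redacted public entries are stood in for by a placeholder default route.
ROUTES = {
    "Endian A": [("10.25.2.0/24", "10.25.1.219", "br0"),
                 ("10.25.1.0/24", None, "br0"),
                 ("0.0.0.0/0", "UPLINK", "eth0")],
    "Endian B": [("10.25.2.0/24", None, "br0"),
                 ("10.25.1.0/24", None, "br2"),
                 ("0.0.0.0/0", "UPLINK", "eth1")],
}
# Addresses stated in the post -> (router, interface the address sits on).
IFACE_OF = {"10.25.1.2": ("Endian A", "br0"), "10.25.2.2": ("Endian B", "br0"),
            "10.25.1.219": ("Endian B", "br2")}
# Assumption: hosts have no static routes and use only the listed default GW.
HOST_GW = {"10.25.1.0/24": "10.25.1.2", "10.25.2.0/24": "10.25.2.2"}

def lookup(router, dst):
    """Longest-prefix match over one router's table -> (gateway, out_iface)."""
    addr = ipaddress.ip_address(dst)
    nets = [(ipaddress.ip_network(p), gw, dev) for p, gw, dev in ROUTES[router]]
    _, gw, dev = max((n for n in nets if addr in n[0]), key=lambda n: n[0].prefixlen)
    return gw, dev

def trace(src, dst):
    """Routers that forward src -> dst, as (router, in_iface, out_iface)."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    src_net = next(n for n in HOST_GW if src_ip in ipaddress.ip_network(n))
    if dst_ip in ipaddress.ip_network(src_net):
        return []                      # same subnet: delivered without a router
    hops, nexthop = [], HOST_GW[src_net]
    while nexthop in IFACE_OF and len(hops) < 8:   # 8 hops = loop guard
        router, in_if = IFACE_OF[nexthop]
        nexthop, out_if = lookup(router, dst)
        hops.append((router, in_if, out_if))
    return hops

def one_way_routers(a, b):
    """Routers that forward only one direction of an a <-> b conversation."""
    return {h[0] for h in trace(a, b)} ^ {h[0] for h in trace(b, a)}

def same_iface_forwards(src, dst):
    """Routers that send the packet back out the interface it arrived on."""
    return [h[0] for h in trace(src, dst) if h[1] == h[2]]

if __name__ == "__main__":
    a, b = "10.25.1.50", "10.25.2.50"  # constructed host addresses
    print("A->B:", trace(a, b), "\nB->A:", trace(b, a))
    print("one-way:", one_way_routers(a, b), "in==out:", same_iface_forwards(a, b))
```

With the tables as posted, Endian A forwards the 10.25.1.0 -> 10.25.2.0 direction in and out of br0, while Endian B delivers the replies directly over br2, so Endian A sees only one direction of each conversation.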
timupci (Full Member, Posts: 34), Reply #1 on: Saturday 05 November 2011, 10:36:58 am
Question. Why are you running 2 Endian Firewalls?
Setup should look like this
GREEN  ------------------\             / ----- RED 1
ORANGE ------------------- --- EFW ---
BLUE   ------------------/             \ ----- RED 2
Then use Policy Routing for each Zone.
Green to RED1
Blue to RED2
Orange to BOTH?