EFW Support

Support => General Support => Topic started by: kblocat on Tuesday 06 November 2012, 04:37:23 am



Title: How to create VLANs and protecting them with firewall
Post by: kblocat on Tuesday 06 November 2012, 04:37:23 am
Good afternoon. I have been searching since last week for a way to create 4 subnets in the green zone and then restrict access between them with firewall rules.
Unfortunately I did not find any documentation or a response on the forums.
I added the VLANs through the menu, but there is no option to assign an IP address to the VLANs; a VLAN can only be associated with a zone, and I added the 4 to the green zone.
Do I need to add IP addresses to a VLAN in Endian? Where should I add these addresses?
After creating the VLANs, they show no address. How do the rules and routes work if they have no address?
Can anyone help me?
I created this scenario with 4 VLANs on Debian Squeeze and it works; why does it not work in Endian?
Thanks in advance.


Title: Re: How to create VLANs and protecting them with firewall
Post by: lokutus25 on Wednesday 07 November 2012, 01:26:43 am
That's a good question. I tried to add a VLAN to my green zone. I ended up locking myself out of the web GUI. I had to recover via the CLI console.
No other documentation as for QoS, except the manual.


Title: Re: How to create VLANs and protecting them with firewall
Post by: kblocat on Thursday 08 November 2012, 08:18:33 am
I think I asked the question whose answer would cost one million dollars ;D. I'm still looking for answers to my question in other discussion groups, but still not getting success :'(.


Title: Re: How to create VLANs and protecting them with firewall
Post by: vazromju on Thursday 29 November 2012, 09:50:59 am
Me too.
I have activated notifications to this post to see if someone has a solution that will be very very welcome  ;D


Title: Re: How to create VLANs and protecting them with firewall
Post by: gkos on Friday 30 November 2012, 04:50:32 am
When you create VLANs and assign them to a zone, they are joined in a bridge.
You can configure the bridge interface in System > Network Configuration and assign multiple IPs to this bridge.

Bear in mind that since it is a bridge, the traffic from one VLAN would flow freely to another.

What I am looking into right now is how to isolate the traffic in a bridge and stop inter-VLAN communication. Seems like I have to use ebtables to filter at L2. I will post the solution here if I find one.

The real question is where to put the custom rules, so every time the fw is reinitiated they get executed.
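
One possible shape for the L2 filtering mentioned in the post above, as an added example that is not part of the original thread or Endian's own code: a shell function that prints ebtables DROP rules for every pair of VLAN ports on a zone bridge. The bridge name br0 and the ports eth0.10 to eth0.40 are assumptions; substitute the names your system shows.

```shell
#!/bin/sh
# Added example: print ebtables rules that drop bridged frames between the
# VLAN ports of one zone bridge. Names (br0, eth0.10, ...) are assumptions.

# valid_ifname NAME -> 0 if NAME is a plausible Linux interface name
# (non-empty, at most 15 characters, no shell metacharacters).
valid_ifname() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# emit_vlan_isolation_rules BRIDGE PORT...
# Writes one DROP rule per ordered pair of distinct ports to stdout.
# Nothing is applied; review the output, then pipe it to sh as root.
emit_vlan_isolation_rules() {
    bridge=$1
    shift
    valid_ifname "$bridge" || { echo "bad bridge name: $bridge" >&2; return 2; }
    [ "$#" -ge 2 ] || { echo "need at least two ports" >&2; return 2; }
    seen=' '
    for p in "$@"; do
        valid_ifname "$p" || { echo "bad port name: $p" >&2; return 2; }
        case "$seen" in
            *" $p "*) echo "duplicate port: $p" >&2; return 2 ;;
        esac
        seen="$seen$p "
    done
    for in_if in "$@"; do
        for out_if in "$@"; do
            [ "$in_if" = "$out_if" ] && continue
            echo "ebtables -A FORWARD --logical-in $bridge -i $in_if -o $out_if -j DROP"
        done
    done
}

# Constructed sample: four VLAN sub-interfaces bridged into the GREEN zone.
emit_vlan_isolation_rules br0 eth0.10 eth0.20 eth0.30 eth0.40
```

The ebtables FORWARD chain only sees frames bridged from one port to another; traffic that the firewall routes between subnets configured on the same bridge is handled by the IP-layer firewall rules instead. Where to store such rules so they survive a firewall restart on Endian is the open question in the post and is not answered by this sketch.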





Title: Re: How to create VLANs and protecting them with firewall
Post by: LuizAngioletti on Friday 28 December 2012, 06:54:51 am
Hello there!

I've had a similar problem. This is the way I solved it:

1) I did have to use VLANs, so I configured them in my Host OS (Endian is running as a VM).
2) Every VLAN in the host is offered to the VM as a "real" connection.
3) Every connection has a different zone:
3.1) The uplink is in the RED zone
3.2) The first subnet in the GREEN zone
3.3) The second subnet in the ORANGE zone
3.4) The third subnet in the BLUE zone
4) Adjusted the firewall rules for ORANGE and BLUE zones, so they would work as 'green' zones.


Hope it helped.