similar to: Multiple interfaces in a zone (not a standard case)

Displaying 20 results from an estimated 120 matches similar to: "Multiple interfaces in a zone (not a standard case)"

2016 Apr 21
2
FirewallD issue
On Thursday 21 of April 2016 2:37:49 PM Gordon Messmer wrote: > On 04/21/2016 01:33 PM, Marcin Trendota wrote: > > It's OpenVPN on chamber. > What port is it using? I don't see the standard port listed in your > firewalld rules in either zone. 1194/udp. I added service openvpn and port 1194/udp (just to be sure) to both zones - no change. [root at chamber openvpn]#
2007 Jan 03
2
An interface can reference multiple zones...
Via creative use of the instructions at http://shorewall.net/Multiple_Zones.html#id2497549. But can a zone (in shorewall/interfaces) reference multiple interfaces? I have two openvpn instances running on my server, one bridged (for upstream access to some client vpn's so I don't have to request the clients add new subnets to their routing tables) and one routed (for nailed
2017 Dec 29
5
OpenVPN server and firewalld
How do I insert the iptables rule below using firewalld? I'm moving up from CentOS 6 to 7 on an office gateway and I'm trying to get OpenVPN working to allow home workers to access PCs at the office. I've got it all working but only by manually inserting an ACCEPT rule in the FORWARD iptables chain: iptables -I FORWARD 3 -i tun+ -j ACCEPT This rule was extracted from my iptables
2003 Feb 25
2
Shorewall openvpn support
Hi, We're using openvpn on our firewall box to contact several networks. The idea is to use it for approx 10-15 vpn's.. But.. Do we have to define a tunX device and an interface + zone for 'each' VPN connection? It seems to me yes, but .. Doesn't that make the interfaces/zones file a little bit complex or overpopulated? Just wondering because in my
2016 Apr 21
2
FirewallD issue
On Thursday 21 of April 2016 9:08:09 AM Gordon Messmer wrote: > On 04/21/2016 03:11 AM, Marcin Trendota wrote: > > But from host in another location (connected through VPN): > What host serves the VPN? If it's another host, how is that host > connected to the router? If it's "chamber," what type of VPN is it? It's OpenVPN on chamber. I've just noticed
2016 Jan 20
3
snat packet going out a bridge
Hi List, I am running into a problem where I have 2 interfaces bridged with an ip address assigned. I have another interface in which traffic has ingress traffic that needs to go out the bridged interface. I am trying unsuccessfully to SNAT the traffic leaving the bridge interface to its assigned address. # brctl show xbrdg0 bridge name bridge id STP enabled interfaces
2007 Mar 04
13
[Bug 552] Strange DNAT behaviour... packet don't pass to PREROUTING and go directly in INPUT !!
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=552 ------- Additional Comments From cbettero@ciditech.it 2007-03-04 21:48 MET ------- This problem prevents AJAX web sites from being hosted on the internal web server, because many packets will be dropped instead of passing into PREROUTING chain...
2013 Jun 13
3
"Multiple Internet Connections" with four interfaces
Hi, I was reading document http://shorewall.net/MultiISP.html#idp3634200. Inspired by the document I was trying to establish the following changes: * one additional interface: COMA_IF * COM[A,B,C]_IF interfaces request IP address via DHCP * all non-RFC 1918 destined traffic is NATed from INT_IF to COMA_IF * all non-RFC 1918 destined traffic from GW is routed via COMB_IF by default * non-RFC 1918
2004 Oct 08
4
Problem with VPN routing from internal network
Hi folks, I have the two firewalls (Slackware current) in different cities connected via OpenVPN. I can ping the network behind server firewall from client firewall server. But how to route/iptable network traffic from the network behind client firewall to see the network behind server firewall? Thank you Remus
2005 Feb 15
1
Shorewall reporting with rrdtool and human readeable iptables output problem.
Hi everybody, this is my first post here, I've just subscribed and I would like to ask a question. I'm running shorewall latest version with mrtg and rrdtool, with the perl shorewall-stats.pl for reporting. The problem is that the perl gets the stats by the shorewall show command and it's human readable bytes form, so
2007 Aug 08
1
SERIOUS PROBLEM - Root Account Locked
My root account keeps getting locked out automatically. I am running Samba 3.0.25b on a CentOS server, as PDC with LDAP backend. I have accounts set to lock after 8 un-successful login attempts. I zeroed out the bad password count, and then in less than a few seconds the account gets locked again and a pdbedit -Lv -u root yields the following: Unix username: root Logon time:
2012 Jan 21
1
squid transparent proxy problem
Greetings, I installed a squid 3.1.10.i686 squid to a centos 6.2i686. The proxy is working fine with the default config. After I decided to use it as a transparent proxy, I added two lines to config: http_proxy 10.0.5.1:3128 transparent, always_direct allow all http_port 10.0.5.1:3128 transparent # # Recommended minimum configuration: # acl manager proto cache_object #acl localhost src
2006 Aug 28
0
[Bug 507] New: tun99 don't trapped by tun+
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=507 Summary: tun99 don't trapped by tun+ Product: netfilter/iptables Version: linux-2.6.x Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ip_tables (kernel) AssignedTo: laforge@netfilter.org
2017 Dec 29
1
OpenVPN server and firewalld
On Fri, Dec 29, 2017 at 10:32 AM, Kenneth Porter <shiva at sewingwitch.com> wrote: > How do I insert the iptables rule below using firewalld? > > I'm moving up from CentOS 6 to 7 on an office gateway and I'm trying to > get OpenVPN working to allow home workers to access PCs at the office. I've > got it all working but only by manually inserting an ACCEPT rule in
2004 Aug 06
9
how to define a dozens of interface as one zone
hi, we use openvpn as for our vpn endpoints and we've got about 70-80 vpn connections which means we have tun0 - tun80 interface. i'd like to define one zone for all of our vpn connections how can I do that? actually our local zone is 192.168.0.0/17 (not 16) and all of the vpn's are in 192.168.128.0/17. or should i define somehow the local zone as 192.168.0.0/16? but in
2003 Nov 05
0
Bug? wildcard interfaces not accepted in fwd chain
Hi, [Summary] There seems to be a bug when using the "+" wildcard notation in the interfaces file, in that rules are not generated in the fwd chain to permit traffic going out an interface with a "+" in it. [Details] The interface entries: loc tun0 detect routeback,newnotsyn loc tun1 detect routeback,newnotsyn loc tun2
2020 Jun 28
0
Port forward internal host not working
Hi, I am trying to reach a Raspberry Pi on my physical LAN (192.168.10.132), via OpenVPN, from the internet. The Internet host is 154.77.x.x. This is also the OpenVPN router, 10.8.0.1. The Pi is on 10.8.0.203. I am trying to reach port 3000 from the internet. From the CentOS 7 server, I can access the Pi over OpenVPN: root at ns1:[~]$ telnet 10.8.0.203 3000 Trying 10.8.0.203... Connected
2006 Aug 29
7
[Bug 507] tun99 don't trapped by tun+
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=507 kaber@trash.net changed:
What       |Removed |Added
-----------+--------+---------
Status     |NEW     |RESOLVED
Resolution |        |INVALID
------- Additional Comments From kaber@trash.net 2006-08-29
2009 Aug 21
0
1 zone with multiple interfaces (special case)
Hi, I got an existing solution with shorewall where I can differentiate tun10 from tun+ as different zone. For example: /etc/shorewall/zones A ipv4 B:A ipv4 /etc/shorewall/interfaces A tun+ B tun10 Now, I have a requirement to add tun11 to zone B. When I do this in interfaces config: A tun+ B tun10,tun11 It doesn't like it (although it's ok when performing
2008 Feb 11
2
OpenVPN traffic will not be routed into network / as DefaultGW traffic ... with 1 NIC
Hello! I've the following set-up RemoteClient1 (Win Vista), RemoteClient2 (Win XP) do both connect to my OpenVPN box. They can talk to each other, using their 172.16.1.x tun0 Address on the server. The server itself (Ubuntu gutsy, OpenVPN: 2.0.9-8, shorewall:3.4.4-1) has 1 NIC that connects the machine to a) a DSL-router (forwards several ports to this linux machine, including the