similar to: ip alias + dsl modem

I have a setup with two Internet providers. One circuit (net0 == eth1) is used primarily for employees and tunnels to other sites. The other (net1 == eth2) is for the production machines that customers access. Everythung works in teh sense that packets get to where they are sent (mostly) but I recently I had a sniffer on the system and noticed a problem I cannot solve. traffic coming in

We switched over from a bordermanager firewall to a shorewall firewall. Some stuff is not working now. I realized that I had not created the route for the network that is not working however once I created it, it still didn''t work. Most of our network is fine however some pieces are not working. [Net] - [Shorewall] - [LAN] - [Cisco] - [Clients and servers not working] The firewall

Hello, I've been trying to implement a bridge in place for a clustered firewall at one of our office locations. Currently we NAT two class C's internally. We decided, for performance reasons, that it would make sense to put our servers into an official DMZ. So we started this bridging project. Our goal is to have two redundant firewalls in place. There is no need for active/active.

Hy, sorry for my poor english i think i''m having a very unusual problem and very dificult to track, but i''ll try to explain it as best as i can. here is my scenario: a firewall/bridge composed of 3 ethernet devices and 1 virtual one. my bridge (br0 ) is composed of eth0, eth1 and tap0 br0:eth0 is my connection to my router (200.244.92.1) br0:eth1 is my connection to my

Hi everybody I have a Problem with Masquerading from my local net (loc) to my VPN (loc2). I can reach every Service from loc2 in loc, but I can''t get reach any service from loc in loc2. Has somebody an Idea where my mistake is ? Without shorewall, it was working. Thanks for helping Lars Technical Information : Shorewall 2.0.13 Suse 9.0 *177.177.77.X The first 3 Counts are changed

Hello Tom, I''ve been using Shorewall for years without problems. My previous version of shorewall was 1.4.6b-1. Everything worked just fine. Today I upgraded using rpm to 2.0.8-1. After update no one can connect to any interface from net. Server can connect to outside world fine and those described in routestopped have no problem connecting. Any help correcting this problem would be

Hello everybody. I could not find an answer to my problem in the archive. (But that may just be me :-) ) I have a problem with proxy arp and connection from loc (localnet) and from the firewall. Works fine from internet to dmz / proxy arp and vise versa. I have a feeling the solution is simple, but I''m no guru in Linux routing etc. The problem seems to be the routing setup. loc -

Shorewall 4.5.1.1 I have 5 interfaces on a centos box, the first two are internal on two different subnets, the next two are two different ISP''s and the last one is a private network for testing and administration. The second internal subnet (eth1) is rejecting all the arp requests to it and I get the following in the log files ever second or two - May 16 05:28:54 services kernel:

Hello, I''m working on a Shorewall-1.2 setup on a _remote_ debian (woody) firewall with several live web and mail servers behind it. I know doing this remotely is a *really* bad idea, and I''d rather not be in this situation, but so it goes... Worst case scenario, I lock myself out and have to drive an hour to get physical access to the machine and restore service. Anyhow,

Having a problem with the 3 interface setup. I can get DMZ hosts, and FW to see internet, but anything on LOC interface is unable to get out. My first post to the list didn''t have the information needed, sorry for that, but thank you for pointing me to more resources. I''ve looked at the problem myself some more, but am still stuck. Shorewall Version: 2.2.1 ip addr show 1:

Hello, I cannot establish Xserver connection via wireless subnet, while telnet is working fine. There was a similar problem before in Shorewall over IPSEC that Tom had fixed. Also, ping is working, but traceroute is not. Finally, PuTTY gets a connectivity error after couple minutes of inactivity over wireless when connected to the firewall/gateway. Wireless is configured per instructions in

I have searched your FAQ''s and read the documentation on your site as well as googling. I am not able to figure this out. If you have any ideas can you please help. I am using the linux-ha failover with redundant firewalls. As part of the function of the linux-ha software consists a service called heartbeat which is a connection from each failover node through a serial cable or ethernet.

Hello Lartc Mailing List: Been working on something the last week and a half and ALMOST have it working.., just need a few pointers from the wizards on this mailing list to nail it. Ok, my setup is a hub and spoke arrangement, hub is Cisco 2821 with IOS 12.4. Spokes are ruggencom RX1000 routers, Debian based with the following versions installed: rx1000test:~# uname -a Linux rx1000test

Hi, I have a proxy/firewall, I want to dnat requests for 193.205.140.106 on port 443 towards 10.2.15.23 and requests for 193.205.140.106 on ports 4330 and 3389 towards 10.2.15.25, these rules must apply from internet, loc and fw (some client use a proxy on fw to reach these servers) I have tried with the following rules: DNAT net dmz:10.2.15.23 tcp 443 -

I'm pretty new to KVM and have a KVM CentOS 7.1 hypervisor running a few VMs. I'm moving all my VMs from an ESXi host as I want to use KVM in future. Most of my VMs are working except for one which is running a Sophos UTM router (Sophos UTM is similar to products like pfSense <https://www.pfsense.org/>, Smoothwall <http://www.smoothwall.org/> etc). The host has 3 physical NICs

Hello Tom, I have successfully configured proxy arp subnettinng on my network with three hosts in a Dmz. And it works great. (using proxyarp in interfaces) I also tryed this on network below same trouble. However for this network below I have tryed to configure one host in a Dmz (using /etc/shorewall/proxyarp) which works and comes up after I set it up and clear Isp''s arp

Network Configuration issues I''ve been working on this for 2 days PLEASE HELP! I am having the following issues with network configuration and I cannot ping the external interface to begin troubleshooting the network configuration. I know that the ISP''s router is configured correctly since I have attached it to a small Linksys firewall and was able to ping the 66.240.207.226

Hi, I'm not sure what sort of diagram you mean, but I'll have a try. Does this help? It sounds like I need to do something to enable routing on what I've labelled "NIC3" on the diagram - can you please explain what I need to do? [image: Inline image 1] Regards, Phill On Tue, Sep 1, 2015 at 4:53 PM, Ajey Gore <ajeygore@gmail.com> wrote: > Can you please drop a

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The original post was over 300,000kb so I didn''t spam the list with it -TE. | | | Thank you for your quick and helpful response. | | I didn''t understand that the virtual interface eth0:1 doesn''t count as a separate instance from eth0. | I am sorry to ask for further assistance and would appreciate any help. The error

I am not a member of the mailing list. Shorewall version 2.0.9 ip addr show 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 4: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000