similar to: 2-NIC DMZ?

Hi, I have the following config: 1 PC with 3 NICs, that shares internet connection to LAN. eth0 uses a public IP ($public_ip_1) eth1 uses a private IP ($private_ip) eth2 uses a public IP ($public_ip_2) I have a webserver and a mailserver accesible by $public_ip_1 (eth0) I have a LAN with all terminals using private IPs, and $private_ip (eth1) as gateway. $public_ip_1 and $public_ip_2 are from

Hi everybody, I'm trying to SIP register between two asterisk, each one have a Public IP. Asterisk told me that Unathorizae In * one sip.conf register =>usuario1:pass1@<public_ip_2> In * two sip.conf [usuario1] type=friend username=usuario1 secret=pass1 host=<public_ip_1> dtmfmode=inband Logs in * are the followings In * one logs: Sip

I did some looking on the mailing list archives and can''t seem to find exactly what I need, I''m also having troubles figuring this out on my own, so if anyone has any advice, tips, whatever, that would be great. I''ve got a machine with 3 network cards in it, one for a DMZ (with 3 machines on a switch each with a real IP address), one for the local network on a

Hello folks.. Does any of you know if it is possible to rewrite the ip src in a packet. I have a problem involving a DMZ with external IP addresses routed trough a single WAN IP. When the server initiates a connection, it looks like it comes from the WAN ip instead of it''s designated External IP routed through the WAN. So in short, Is it possible to rewrite the packet in the router,

Hi, Below is my Linux firewall network configuration: - eth0 - isp 1, IP: 1.1.1.10, Netmask: 255.255.255.252 eth1 - isp 2, IP: 2.2.2.10, Netmask: 255.255.255.252 eth2 - lan, IP: 172.16.0.254, Netmask: 255.255.255.0 eth3 - dmz, 192.168.0.254, Netmask: 255.255.255.0 isp 1 gateway: 1.1.1.9 isp 2 gateway: 2.2.2.9 Below is my iptables rules: - echo 1 > /proc/sys/net/ipv4/ip_forward iptables

Hello, I need some help about a routing problem on a complex configuration. The problem is that I can''t reach from services outside from my DMZ. The scenario is a gateway linked to three internet connections, so that I used three distinct iproute2 tables for routing. The gw is running ipvs for balancing over the dmz''s servers. DMZ servers are on 192.168.1.0/24 network, .

Hi all, I''ve got a BOX running CentOS 4.5. It acts as a firewall + router. I have installed both iptables and iproute2. I has 3 network cards. eth0 is connected to Internet (is has an internet ip. pls assume its ip is 1.2.3.4/29). it is a 256 Kbit link. eth1 is DMZ. its ip is 192.168.100.254 eth2 is LAN. Its ip is 192.168.101.254 I have alreday shaped traffic to 64 Kbit on eth1 for

Hi, I have an DNAT ISSUE with PREROUTING. This is my setup. I have 2 firewalls running iptables. Pls asume 1.2.3.4/29 is the internet interace of FIRST firewall. 2.3.4.5/29 is the internet interface of SECOND firewall. it has DMZ zone. in that DMZ zone, mail server runnig @ 192.168.100.3 Now I want to DNAT port 25 of FISRT firewall ( i.e - its ip address - 1.2.3.4/29) to the internet ip

I''m a little confused about the many ways I''ve read that can be used for traffic load balancing, that is, two or more interfaces to the outside world being used transparently and efficiently by the internal machines. I heard about: a) netfilter SNAT to more than one IP. If I''m correct, this is only a round robin, that is, one connection goes here, the other goes there,

Hi, We have a 256 kbits/s (kilobits per second) link to the internet. it is a router running Linux that belongs to our ISP. They have given us 8 internet ips. (i.e- subnet is 255.255.255.248). one has been given to this router. I have given another internet ip to the firewall running CentOS 4.5. iptables is running on it. And also, I have installed iproute2 pkg as well. pls see below for

I am considering replacing my old checkpoint and watchguard firewalls witha single Linux box using iptables and shorewall. I have two ISP''s (with separate routing tables), two DMZ''s, at least one VPN to a remote office, and a local trusted network. The configuration will look like: +----------------+ | | net0 ----------+ eth1

ok i will do it in text: 66.92.114.46 eth0 209.141.2.194 eth1 192.168.119.101 eth2 192.168.120.101 eth3 What i have is a linux box RH7.3 which will eventually run Shorewall Firewall. On this box there is eth0 66.92.114.46 conneted to isp1 and eth1 209.141.2.194 connected to isp2 It also has eth2 192.168.119.101 and eth3 192.168.120.101 which will connect to a failover appliance which has 2 wan

I have a very simple setup exactly as described in the HOWTO section " 4.2. Routing for multiple uplinks/providers". One is cable (eth1: dhcp) and the other is PPPoE (ppp0). I used the following commands to configure the routing once all of my interfaces are up and i have configured SNATing for them: ip route add 66.11.173.0/24 dev ppp0 src 66.11.173.224 table 11 ip route add default

Maybe a strange request, I''ll try to explain this as clearer as I can (forgive my bad english, please :-) ). I''m setting a linux box as a router. My router uses multiple routing tables, so I can address the traffic from specific ip addresses of my lan to distinct ISPs providers (specifying a different default gateway fo r each table), marking packets with iptables

Hi guys, Can you take a look at this? :) +-----------+ | | eth1-|- | | -|-eth0---LAN--- | | eth2-|- | | | +-----------+ - eth0 is connected to the LAN having the IP=LAN_IP eth1 is connected to the first ISP having IP=ISP_IP_1 and GW=ISP_GW_1 eth2 is connected to the second ISP having IP=ISP_IP_2 and GW=ISP_GW_2 I need

Is the 192.168.1.2 an ip on the router? If yes, you''ll have to mark in OUTPUT, not PREROUTING, also, after you set up the rules and routes, did you an ip route flush cache ? I hope these works On Wed, 21 Jul 2004 20:02:32 -0700, Jens <jens@pacificsun.ca> wrote: > I have a particular problem that has caused me grief for some time now and > even though the answer is probably

Hello again, I may have a common problem to solve but it seems it is harder than I thought... I have 2 internet providers (each one having a different gateway). Behind the router there are around 100 clients that are SNAT-ed. I want some clients to be SNAT-ed to the first provider, while the others to the second one. The following lines should work: iptables -t nat -A POSTROUTING -s

Hello everybody. I''m running linux 2.6.19 with nth match to alternatively snat outgoing connections to two different ip addresses for load balancing between two adsl lines: Here is: $IPTABLES -t nat -A POSTROUTING -s my_ip --protocol tcp -m multiport --dports 80,443 -m statistic --mode nth --every 2 -j SNAT --to adslA $IPTABLES -t nat -A POSTROUTING -s my_ip --protocol tcp -m multiport

Dear all Lartc, I try to split my Internet access to my 2 ISP with 1 linux (GNU/Debian sarge) 3 NIC router, I want all my users conneted with ISP1 and just some IP connected with ISP2 Here is my configuration: Internal network: 10.117.71.0/24 Interface eth0 ISP1: IP for my linux box: 1.2.3.4/29 Interface: eth1 Gateway: 1.2.3.5 ISP2: IP for my

Hi, I have the my gateway with load balancing traffic going out over two providers. Web browsing is fine...working great. But, my clients (office staff) complains that MSN keeps disconnecting (in 5 mins). Why? Please help me... Regards, ro0ot