similar to: Simple question about zones (haven''t found in FAQ)

Hi, I have a simple question. I have my firewall with 2 external Ip and 1 lan. For example ISP1 FW LAN----Mail Server ISP2 Ok, when i DANT the smpt port to my mail server, I can see that the conection in my mail server comes from the external IP of my ISP. I need to change this so the conection to my mail server cames from the LAN IP from my firewall Is this possible?

Hi, I am migrating from one ISP to another, and would like to run both simultaneously for a while. So: (both netmask 255.255.255.248) [ISP1] 24.106.62.180 [ISP2] 209.181.237.230 | | | | \ / -----[ HUB ]----- | | -------- eth0 --------- | Linux FW/Server | ---------eth1 --------- | | [ HUB ] | 10.0.0.x/255.255.255.0 The default IP on

Hi, in my lan I have two firewall, fw1 is the first and manage inte-vlan routing. Fw2 manage internet and dmz. fw1 and fw2 have an interface (eth4 for both fw2 and fw1) on the same subnet that permit to the host behind fw1 to reach internet, my problem is on fw2: eth4 is the NIC that connect fw2 and fw1, I would''t like masquerading hosts behind fw1, so to eth4 of fw2 arrive all

Hi, I hope this is not OT. I searched through the archives but didn''t find anything really answering my question. I want to create a cluster of two firewalls with Linux-HA so that if the primary fail, the secondary firewall will take over. Note that I don''t care about syncing states between firewalls, they will just have to reconnect :) It''s a typical

My mission is to get one * box to dial another * box' extensions. I have set this up previously without any issues by making a simple IAX trunk/extension pair on the two boxes and create a dial plan with a prefix like 9|XXX to select an extension on the other box. My problem is that I now have to do this with extremely restrictive firewalls thrown into the mix - firewalls I have no control

Hello, Thanks for the great Shorewall which has replaced my hard to maintain home-made scripts. First, what works. Our local network is 10.48.X.X with multiple vlan, each on a dedicated interface. We use Shorewall 4.4.11 from Debian Squeeze. We have a 2 ISP: - isp1 : an optical fiber provider with 10 Mbps. - isp2 : a DSL provider with 15Mbits/1Mbits. We use isp2 as the default outgoing

I have a rather unusual setup within which I'd like to run samba. At this point I have: a) 3 networks (all private IP's) b) net1, net2 are interconnected by a router. net1 has a host that also acts as a WINS server and is local master, domain master, preferred master for it's group. (linux slack7.0, samba 2.0.5) router between net1, net2 has an IP in each network and samba

Hello,I have single linux router ( fedora core 1 ), 2 ISP, 1 internal network,1 IP space from every ISP My scenario: eth0 1.0.0.2 netmask 255.255.255.252 -> ISP 1 eth1 2.0.0.2 netmask 255.255.255.252 -> ISP 2 eth2 1.0.1.1 netmask 255.255.255.0 -> IP space from ISP1 eth3 2.0.1.1 netmask 255.255.255.0 -> IP space from ISP2 Config I try: /etc/iproute2/rt_tables: 10 isp1 20 isp2 ip

I don't get this. I am using a freshly installed copy of Fedora 19 and starting up glusterd for the first time. The goal is to have a replicated directory on two systems. But for right now, I can't even start up the glusterd daemon right out of the box. Trying to follow the Quick Start directions at http://gluster.org/community/documentation/index.php/QuickStart is, well, challenging.

I need to route: from 196.33.50.0/25 (default route) to ISP1 from 196.33.248.0/24 (default route) to ISP2 ISP1 --------- fire --+---- 196.33.248.0/24 / | ISP2 --------/ +---- router ----- router ----- 196.33.50.0/25 What I''ve done: Default route via ISP1 created routing table ISP2 for default route via ISP2 I would like to do the following but they get

Hi there. Currently, our network design has two ISP lines and 3 subnets for LAN. Below are some details :- eth0 - isp1 eth1 - isp2 eth2 - subnet1 eth3 - subnet2 eth4 - subnet3 What i wanted to do is to assign incoming port 80 to our local squid server running on the firewall itself and assigned it to eth0(ISP1). I think it shouldnt be a problem as /etc/shorewall/rules provides a sample of the

Hi, I want to configure QoS in my shorewall conf but I have a doubt. Now I am using tcrules with prerouting and with the file providers, like this. 2:P 192.168.0.11 0.0.0.0/0 tcp 25 So, with this way I route my smtp traffic with my provider number 2. Well, now I want to configure QoS with tcclasses and tcdevices, but if I do that I need to use the MARK in the tcclasses So, how

Hi all, I have managed to setup a Fedora 7 box with 3 ethernet cards and two ADSL modem/routers from different suppliers as LARTC recommends. I am able to direct traffic for specific internal IPs either to one or the other ADSL line. However, I am faced with two problems I am struggling for the solution: 1. I have opened a few ports on the ADSL router/firewalls to talk to internal hosts; say when

hello, i have 2 links to the ISP of 128kbit each, and i want to balance the trafic between them, but not staticly (local ip1-5 throw isp1, and the rest to isp2). I though at a ingress clasification, then routing by the mark, and at the exit nat (yes i must do nat :(((, but the clasification must be flow based, and i dont know how to do it. C _______________________________________________ LARTC

Hi, At office, we have I ISPs. I want to lightly monitor each link latency in order to decide several routing. For that, I have only one external server: 1 IP, it's an OVH dedicated server. The quick picture is http://s24.postimg.org/n3436z64l/defaul_route.png Default route is via ISP1. If OVH-server pings IP1: - the request will go through ISP1: it's OK - the reply will go through

Hi all, I need my servers to decide which network they are in (i.e. dmz), and the only clue is the servers IP-address. I was trying to accomplish it like this, but it doesn''t work: case $ipaddress { "10.1.1.*": { $network = "net1" } "10.2.2.*.*": { $network = "net2" } "10.3.3.*": {

I set up this config: +------+ -+ ISP1 +--+ +------+ | +-------+ +--+ linux | +------+ | +-------+ -+ ISP2 +--+ +------+ No problem. Standard setup with two ISP''s. Both routed subnets. Default gateway is ISP1. No magic here. Now I put a server behind the Linux box. I want the server to be reachable on an /extra/ IP in the routed subnet of ISP2. +------+ -+ ISP1

Hi, I can''t get traffic shaping working. This is my situation: -------- ------ Net1 ----- |router| -------------------- | TC | ----------- Net2 -------- leased line ------ eth1 eth0 We use the leased line for normal traffic but also for synchronisation between 2 servers. The leased line is 2mbit. The synchronisation

Hi all, I have a similar question like many asked before I know but Please help as i cant figure out where the problem is and how should I tackle. I have 2 ISP connections. I want to share the bandwidth from both. I have copied the script from many places and created my own after changes. Problem is that only one connection is utilized at a time. Not both working. ratio of consuming

Hi! I have read all informations i could find, but some things are still not clear. My setup is: ---INTERNET1(eth0)-\ /- Local net1 (eth2) GW ---INTERNET2(eth1)-/ \- Local net2 (eth3) I have NAT and a working setup using HTB,SFQ, classifying with the iptables -j CLASSIFY way. I shape only the traffic coming from the internet heading to the intranet. I would like