Displaying 20 results from an estimated 1000 matches similar to: "recomended internal(wired) "interfaces" options??"
2012 Dec 29
10
How could I open Port 1701 for VPN l2tp/ipsec
Hello Mailinglist,
please excuse my bad english - but I am not a native speaker.
My Network looks like this:
Internet --- dyn. IP --- Firewall (shorewall) --- LAN (192.168.X.X)
Now I try to connect my iphone (from mobile Internet G3) over VPN
(l2tp/ipsec) with the firewall.
But I can't open the necessary Port 1701.
/var/log/syslog
...
Dec 30 00:24:29 router kernel: [226128.293757]
2009 Mar 04
1
MultiWAN & Vlans
Hello,
I'm trying to setup an 8 port wan configuration (pptp+pppoe) with one vlan trunk.
My internal networks are :
LAN(eth9): 10.0.0.0/16
VLAN10(eth9) 10.10.0.0/24
VLAN20(eth9) 10.20.0.0/24
VLAN30(eth9) 10.30.0.0/24
VLAN100(eth9) 10.100.0.0/24
I would like to post my configuration here since I don't succeed in doing the following:
1. Communicate between VLANxx to LAN
2006 Aug 01
34
Clients can't through to internet
I just setup the Shorewall in my school, but now all clients can't through to internet, all servers can through to internet with NAT, when I disabled NAT that all servers can't through to internet.
Below is my school network:
internet ---> shorewall ----> loc ---> ciso router ---> loc1
Below is my config files:
policy:
# If you want to force clients to
2012 Jan 02
2
Shorewall 4.5.0 Beta 1
Happy New Year, everyone.
With the new year, comes a new major version of Shorewall. The reasons
for opening a new version are:
1. The packaging and dependencies have changed in this release.
2. There are minor migration issues.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
2013 Jun 10
0
Shorewall 4.5.18 Beta 2
Beta 2 is now available for testing.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) This release includes all defect repair from Shorewall 4.5.17.1.
2) The following warning message could be emitted
2012 Mar 25
1
kvm and shorevall-init
Hello,
I'm migrating my laptop setup to a shiny new ThinkPad W520 and in the
process am getting rid of VirtualBox (marked by kernel maintainers as
"unsupportable crap" or some such) and shifting to virt-manager/kvm.
As with the old setup I am running shorewall-init exactly as the great
online documentation lays it out. BUT: with VBox it was enough to add
> net
2006 Dec 19
7
routing problem
hi,
Please see the following text diagram:
10.0.15.0/24 --> 10.0.15.1 (f0/1) cisco router (f0/0) 192.168.0.5 <-- 192.168.0.0/24 --> 192.168.0.1 firewall --> internet
I have some problem after added a static route
in shorewall in /etc/sysconfig/network-scripts/route-eth0, the syntax is:
10.0.15.0/24 via 192.168.0.5
in 192.168.0.0/24 computers cannot ping or
2011 May 24
1
L2TP ppp+ when using ppp0 for WAN
Hi, i connect to the internet over my eth4 interface using pppoe.
The internet always comes on ppp0.
I am trying to setup an L2TP/IPSEC VPN and i am reading http://www.shorewall.net/IPSEC-2.6.html#RW-L2TP
I notice in the example the interfaces file is given as:
#ZONE INTERFACE BROADCAST OPTIONS
net eth0 detect routefilter
loc eth1
2006 May 16
1
Traffic Routing/Shaping Problem
Hi,
I'm trying to use Shorewall (3.0.6) to accomplish what I thought was going
to be fairly simple. Unfortunately, I can't get the dmz to work correctly,
and I'm getting martians logged against the interface at issue.
Any help I could get would be greatly appreciated!
A picture of my physical setup is attached. I have also attached a shorewall
dump.
To make a long
2008 Mar 26
8
Hub/Spoke OpenVPN can't communicate from Client A to Client B - FORWARD:REJECT:IN=tun0 OUT=tun0
Hi, I am running OpenVPN where i have one central hub VPN server, and multiple spoke VPN clients. I can ping from each client to the server and each client to computers on the subnet which the server resides (192.168.2.0/24) so it works ok there. I cannot however, ping from one client to another client. I guess the packet path would go:
clienta -> vpn -> shorewall/router -> vpn ->
2005 Feb 08
15
Few questions
Hi,
I have a few problems with my shorewall configuration.
First of all, the option maclist seems not to be recognized.
I have this:
ghostwheel /etc/shorewall # cat interfaces | grep -v '^#'
- eth1 detect dhcp,tcpflags,routefilter
loc eth0 detect tcpflags,maclist
When I look at shorewall-init.log, I found out:
2008 Mar 10
2
When starting shorewall its display rfc1981 error
Hello ,
The following is the error problem:
Validating interfaces file...
ERROR: The 'norfc1918' option may not be specified on an interface with an RFC 1918 address. Interface:eth2
The shorewall interface file:
net eth2 detect tcpflags,routefilter,norfc1918,nosmurfs,logmartians
P.S. I tried to remove norfc1918 from interface
2013 Dec 03
5
Multiple ISP + traffic shapping = poor download speed
Hello,
Thanks for the great Shorewall which has replaced my hard to maintain home-made scripts.
First, what works.
Our local network is 10.48.X.X with multiple vlan, each on a dedicated interface. We use Shorewall 4.4.11 from Debian Squeeze.
We have a 2 ISP:
- isp1 : an optical fiber provider with 10 Mbps.
- isp2 : a DSL provider with 15Mbits/1Mbits.
We use isp2 as the default outgoing
2007 Sep 03
3
Shorewall + IPSec: help debugging why gw1<->gw2 SA works, but loc<->gw2 traffic doesn't trigger SA
Dear list,
I'm running Shorewall on a dedicated Fedora 7 box. Shorewall is working
well as an office DSL router (dynamic IP) with loc and dmz zones. I am now
trying to configure IPSec to connect a VPS, "casp", with a static IP to both
the firewall and to the loc network behind it. The host to host SA works
fine. However, pings from "loc" to "casp" can be
2006 Aug 23
5
OpenVPN and multiple ISPs
I have a server, server A, with three NICs: two to the Internet via
separate ADSL modems, and one to the LAN. The two 'net' interfaces are
configured as described at http://www.shorewall.net/MultiISP.html. This
has been working for a number of months.
I am now testing an OpenVPN link between server A and another (currently
single-ISP) server (server B). I can establish the VPN
2010 Nov 25
13
VLAN martians
I'm playing around with VLAN's and I have a VLAN capable (layer 2) smart
switch. I see a steady stream of martians in the logfile if I have the
routefilter option set on the loc zone interfaces in
/etc/shorewall/interfaces. I have two interfaces in the loc zone, eth1
and vlan2 respectively. vlan2 is an 802.1q trunk going towards the switch.
Is this the expected behavior in
2011 Aug 05
3
Configuration for ppp0 and wlan0 (Standalone laptop - Debian Squeeze)
Hello,
I would appreciate any feedback/suggestions on my Shorewall configuration for a standalone laptop Debian Squeeze configuration for ppp0 and wlan0, set out below:
------------------
My current system:
------------------
I have successfully configured Shorewall 4.4.11.6 on my standalone Debian Squeeze laptop for a ppp0 (Mobile broadband) connection using GNOME PPP, works great (refer to
2013 Aug 29
5
Docker Bridge - Howto deal with it?
Hello,
I have started playing around with docker (https://www.docker.io/) and am
having trouble to integrate the "docker0" bridge it creates on the fly into
my shorewall setup (version 4.5.16.1) on debian testing.
IP forwarding is on and I have defined a "doc" ipv4 zone and the interfaces
has an entry like so,
> doc docker0
2005 Feb 04
12
SW 2.2.0: 4 interface system, log reports impossible "IN=" and DROPS
This one is really throwing me. Thanks in advance for
any advice.
I'm working on a 4 port firewall system. It is
running heartbeat+drbd.
Primary box looks like this:
eth0 -> net/cicso router
192.168.144.2/29
eth1 -> drbd/heartbeat crossover cable
192.168.254.253/30
eth2 -> dmz
192.168.144.10/24
eth3 -> loc
192.168.101.2/24
The IP's