Displaying 20 results from an estimated 30000 matches similar to: "VLAN Support"
2004 Sep 03
7
Shorewall as a "commercial" firewall
I am considering replacing my old checkpoint and watchguard firewalls witha
single Linux box using iptables and shorewall. I have two ISP''s (with
separate routing tables), two DMZ''s, at least one VPN to a remote office, and
a local trusted network. The configuration will look like:
+----------------+
| |
net0 ----------+ eth1
2004 Sep 22
3
2.6 kernel ipsec and shorewall
I set up an ipsec/racoon vpn tunnel test environment. The gateway machines
are 192.168.0.30 and 192.168.0.31 on the external adaptor and 10.0.1.1 and
10.0.2.1 internally. The test workstations are 10.0.1.10 and 10.0.2.10.
The tunnel seems to be working as in 10.0.1.10 can talk to 10.0.2.10 an vice
versa and they can both use the net via NAT, however 192.168.0.30 and
192.168.0.31 cannot directly
2003 Mar 22
22
SecuRemote and Shorewall Problem
Sat Mar 22 14:16:55 CST 2003
This post is a bit long, but I want to make sure
I am providing the information up front that can
help in others helping me solve this mystery.
I am having a bit of difficulty getting Shorewall
to work with SecuRemote and its FW-1 server. I
have attached the "rules" file I am using and the
output of "shorewall show nat". The diagram below
2004 Sep 24
10
hopeless - smb over bridged firewall
Dear List!
I use a shorewall 2.0.8 on a Debian sarge system. I use a DSL connection
to the Internet (ppp0 - eth1 to the modem) and a bridge to the local
lan. The bridged config i''ve made with bridge.html from the shorewall
site. The Bridge is between local net and a openvpn tap device. This
works. I ccan make tunnels, and a can make a lot of things through the
firewall. I can get a list
2004 Nov 05
8
Using Shorewall + Linux Virtual Server LVS/DR
I''m havign a HUGE amount of difficulty getting shoreline to work with LVS.
We use it here constantly so we know it works. The problem is packets come
in, get directed to a webserver, webserver returns the packet to firewall,
and then it goes into a black hole. rp_filter is off globally on all
interfaces. LVS seems to be working right....
I use shorewall tcrules to mark packets on
2004 Dec 14
4
ipsec-netfilter patches for 2.6.9
The patches may be found at:
http://shorewall.net/pub/shorewall/contrib/IPSEC
ftp://shorewall.net/pub/shorewall/contrib/IPSEC
I found these patches on the netfilter-devel list and make no warranties
as to how well they work (or not).
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP
2008 Feb 18
9
Advice on vlans and pppoe
My telco is moving to feeding me over fiber, breaking out with a media
converter to one Ethernet interface. At present, I am retaining the
static feed over copper on eth0, and taking the two new feeds via vlans
on eth1. I have configured the static IP feed on eth1:790 as vlan 790,
and that seems to be fine, and eth1:780 as the PPPOE feed, and brought
up PPPOE to give me an IP, that is
2015 Jan 06
2
[RFC] [PATCH] Mode=Switch: add per-VLAN forwarding database
Hi,
I'm inter-connecting AccessPoints using a tinc mesh and have bridge-nodes to bridge this vpn into some existing backbone.
The AccessPoints bridge their users into 802.1q VLANs (per WiFi-Client, there can be multiple VLANs active on each AP) in the tinc mesh, and the bridge nodes bridge some vlans into the backbone.
Now there is a router in the backbone that uses the same MAC on all VLANs,
2009 Jul 28
3
Fully virtualized domU Linux network (VLAN) trouble
Hi,
I have a 64bit Debian Lenny server with two physical network interfaces,
one is connected to a switch without VLANs (eth0), the other (eth1) is
connected to a switch with tagged VLANs (eth1). I''m running a couple of
paravirtualized VMs that have no problem using the eth0 interface
(bridged). I''m also running a couple of fully virtualized VMs, one being
a Linux box (with a
2010 Jul 01
2
Kickstart from tagged VLAN?
I've searched around but haven't found a definitive answer yet, is it possible to kickstart from a tagged VLAN? I found this bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=431915
But I can't find out how far the vlan support goes. I haven't found anything about it in any kickstart docs.
I have two tagged vlans:
Vlan 100 - server subnet
Vlan 101 - backup subnet
From
2015 Jan 24
3
VLAN issue
Do you need the whole configuration? On the switch end, we have the
relevant VLAN (VLAN 48) with the assigned IP address of 192.168.48.101 and
the range of ports (Gi1/0/1 - Gi1/0/8) assigned to that VLAN.
Seems - and acts - like a legitimate setup and works fine, except for this
particular instance.
Thanks.
Boris.
On Fri, Jan 23, 2015 at 8:54 PM, Dennis Jacobfeuerborn <
dennisml at
2015 Jan 07
2
[RFC] [PATCH] Mode=Switch: add per-VLAN forwarding database
Hi,
thanks for the feedback.
> This is an interesting problem. I wonder how you would solve it if you
> would have a real (managed) switch instead of tinc to connect the
> access points and bridge nodes together?
in the backbone we have HP ProCurve switches and all of them (except for
the oldest series from more than 10 years ago) separate their forwarding
database per vlan. HP calls
2010 Nov 25
13
VLAN martians
I''m playing around with VLAN''s and I have a VLAN capable (layer 2) smart
switch. I see a steady stream of martians in the logfile if I have the
routefilter option set on the loc zone interfaces in
/etc/shorewall/interfaces. I have two interfaces in the loc zone, eth1
and vlan2 respectively. vlan2 is an 802.1q trunk going towards the switch.
Is this the expected behavior in
2009 Jul 31
2
Can I bridge a bonded and vlan tagged interface directly to a guest?
I am running CentOS 5.3 x86_64 as my dom0 and CentOS 5.3 on my domU's. On
the dom0, I have two interfaces that are bonded and have tagged VLANs. I
can get the networks to the domU's by creating a bridge for each of the
VLANS (bond0.3, bond0.4, etc). On the domU, the interfaces show up as
eth0, eth1, etc.
Is there a way to set up the network on the dom0 so my domU's see a single
2004 Sep 01
11
IPSEC VPN clients on local network
I have problems connecting IPSEC VPN clients on the masqueraded network
to outside VPN servers.
It looks like this:
ipsec-user
| 192.168.1.10 (DHCP assigned)
|
| 192.168.1.1
fw-1 (shorewall, Linux 2.6)
| 20.20.20.20
(internet)
| 30.30.30.30
fw-2 (IPSEC VPN endpoint)
| 192.168.100.1
|
| 192.168.100.2
server
ipsec-user (a road warrior) is supposed to create an IPSEC tunnel to his
home
2004 Dec 01
7
shorewall and approx 70 VLANs
Well.. I''ve been using shorewall since a few years now, but the first
time involved in making it work with (a lot of) vlan''s.
The problem is, we''ve got approx 70 vlan''s on a switched cisco network,
working fine. The only ''problem'' is the time it takes when we do a
shorewall restart.. Each vlan is configured as a separate interface and
2019 Mar 13
1
vlan tagging for openVSwitch
hi everyone,
I'm trying to get vlans tagged in libvirt as my switch's end (yes
traffic will be leaving the host and into network switches) allows only
tagged vlans.
But with network as such:
...
<portgroup name='vlan-55'>
<vlan trunk='yes'>
<tag id='55'/>
</vlan>
</portgroup>
</network>
and guest as:
2015 Jan 24
3
VLAN issue
Andrew and Dennis are spot on.
Their conclusions about your server being connected to an access port and
not a trunk port would be my conclusion as well.
On Sat, Jan 24, 2015 at 9:11 AM, Dennis Jacobfeuerborn <
dennisml at conversis.de> wrote:
> Hi Boris,
> what I'd like to know is the actual VLAN configuration of the switch
> port (link-type and tagged and untagged VLANs).
2015 Jan 24
2
VLAN issue
Steve,
Thanks, makes sense.
I just don't see why I have to effectively waste an extra IP address to get
my connection established.
Boris.
On Fri, Jan 23, 2015 at 7:16 PM, Stephen Harris <lists at spuddy.org> wrote:
> On Fri, Jan 23, 2015 at 07:10:57PM -0500, Boris Epstein wrote:
>
> > This makes two of us. I've done everything as you have described and it
> >
2009 Dec 10
2
multiple vlan in dom0 and domu
Hello,
I use a script network-multi vlan and network-bridge-vlan for multiple
VLANs in domu.
Several domu uses the bridge vlanbr30. Need to dom0 as was in this
vlan''e. How? I tried to put a bridge interface ip, but with him until
the rest domu in vlanbr30 not get through. How to understand the need to
create a virtual interface (vifx.y) and add it to the bridge vlanbr30. How?