Displaying 20 results from an estimated 10000 matches similar to: "Proxy ARP"
2003 Jan 22
5
Proxy arp and pptp
Hi all!
I''ve set up a Linux box with shorewall doing proxy arp as per http://www.shorewall.net/shorewall_setup_guide.htm#ProxyARP the 5.2 (non routed) example. Everything is working great except for one thing, and that leads me to my question: is there a conflict between proxy arp and pptp? I''ve set the apropriate ACCEPT rules to allow tcp port 1723 and protocol 47 to the host
2004 Nov 04
2
nat ,dnat or proxyarp with heartbeat
Hi , I have a dude.
I have four nic. Lan, wan, dmz1 and dmz2.
I use proxy arp for dmz1 and work great. But in dmz2 have 2 machine with heartbeat. IP are type 192.168.x.x
If use nat work fine from wan to dmz2, but from lan ?? how to access valid ip ??
Sorry for my bad english :)
2004 Nov 22
10
routed vs non routed
In an effert move my Dmz from a snapqear roouter to Linux with shorewall.
Question is I have network 64.42.53.200/29
which makes default gw 64.42.53.201 network 64.42.53.200 broadcast
64.42.53.207
mask 255.255.255.248 and I want to set up shorewall with eth0 64.42.53.202
eth1 local eth2 dmz where dmz will use say 64.42.53.203 for web and email
server.
Where I do not need or should I say use
2005 Jun 18
8
getting my head around DMZ
Hello,
I have been running Shorewall for quite some time at an ISP client of
mine to protect his LAN. We have just upgraded to 2.2.4 and he now wants
to put his servers in a DMZ.
The servers have public IPs in two classes xxx.xxx.79.0 and
xxx.xxx.242.0. The public IP on the router for each class is
xxx.xxx.79.126 and xxx.xxx.242.126.
I am using masq and 192.168.1.0 on eth0 LAN
I have tried
2005 Jun 16
5
Setting up a routed DMZ
Hello all,
I''ve read the shorewall guides and browsed through the mailing
lists, but I haven''t been able to find out if the following is possible
or not using shorewall.
Our provider has given us 16 IPs + 4 in a separate range for our uplink.
I would like to replace that router with a Linux box running shorewall
with three interfaces. I want the DMZ to be a standard, routed
2012 Apr 16
6
problems with shorewall proxyarp
Hi everybody.
I''m trying to configure shorewall folowing this manual:
http://www.montanalinux.org/proxmox-ve-with-shorewall.html
But with shorewall check it tells me thah:
Checking /etc/shorewall/interfaces...
ERROR: Unknown zone (dmz) : /etc/shorewall/interfaces (line 16)
How can I define it in the zone file?
thanks for the help.
best regards,
Santiago.
2004 Jan 26
6
Usersets
Is anyone using user sets? I''m considering dropping support for them in 2.0 in
favor of just listing individual user/groups in the rules file.
Thanks,
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
2005 May 30
13
RE: Proxy ARP working from Internet butnotfromfwand loc
Hi Alex, and thanks for your time.
Probably not.
The servers are only configured like they where when they where parallel to
the fw.
Just the default gateway, same as for the external interface on the fw.
That''s what the documentation instructed to configure the servers using arp.
But is it required with extra configuration on the server connected via
proxy arp?
Or is it some parameter
2004 Nov 01
2
dmz setup
I am trying to add a machine into my dmz. It is the first machine I''ve
ever added to this dmz and fro some reason I cannot establish
communication between the dmz and the machine.
Here is an example of my setup:
ISP router --> firewall (eth0)
firewall (eth1) --> local network
firewall (eth2) --> DMZ
eth0 and eth2 have public IP addresses as does the machine I just added
to
2004 Aug 16
3
Not sure how to configure Shorewall 2.1.3
I have an access-IProm my isp that I configured my eth0 with.
And I also have an IP-range assigned from my ISP that will be used on my servers connected to eth1. The IP-range is routed thru the access-IP.
This is how my configfiles look like. Internal everything seems to work but not external.
/etc/shorewall/proxyarp
#ADDRESS INTERFACE EXTERNAL HAVEROUTE
2003 Jan 02
1
mail server in dmz
Hi, in a three interface firewall I have
eth0, loc, 10.1.5.1/16
eth1, int, 200.41.61.228/29
eth2, dmz, 192.168.1.1/24
(un)fortunately I got a group of public ip?s to use, so here is my problem
in the dmz I have 192.168.1.3 redirected from eth1 alias 200.41.61.226 (a web server,
works perfect).
I am trying to set up a mail server also, a different machine, so I can?t use proxyarp, as
with this,
2005 May 30
2
Proxy ARP working from Internet but not from fw and loc
Hello everybody.
I could not find an answer to my problem in the archive. (But that may just
be me :-) )
I have a problem with proxy arp and connection from loc (localnet) and from
the firewall.
Works fine from internet to dmz / proxy arp and vise versa.
I have a feeling the solution is simple, but I''m no guru in Linux routing
etc.
The problem seems to be the routing setup.
loc -
2004 Oct 28
8
2 external IPs on one nic in addition to the regular DMZ and loc nics
I did some looking on the mailing list archives and can''t seem to find
exactly what I need, I''m also having troubles figuring this out on my
own, so if anyone has any advice, tips, whatever, that would be great.
I''ve got a machine with 3 network cards in it, one for a DMZ (with 3
machines on a switch each with a real IP address), one for the local
network on a
2011 Apr 15
1
Proxyarp vs DNAT
Hello list,
I am in the process of switching from IPCOP to Shorewall s the firewall
for our small office. I very much like the fact that Shorewall runs on
top of the same OS (openSuSE 11.4) that I run on the server and my desktop.
Our setup is fairly straightforward. We have 8 static ip addresses from
our ISP, which provides a cable modem and a Cisco 800 series router.
The ip addresses are
2004 Sep 07
11
Public IP issues
I have had Shorewall 2.0.8 up and running for a month or so. Now I need
to change some things around. Currently I am running on a private IP
scheme and Shorewall is setup based on the 3 interface guide. Now I want
to change to a public scheme on my "loc" zone. I have a /24 block of
public IP''s. I need my private scheme and public to co-exist so I
currently have is eth1 (local)
2004 Dec 07
16
Dmz
Hey Tom,
I have successfully set up to servers on a Dmz practice network woohoo
:).
If I take out the proxyarp option in /etc/shorewall/interfaces
Then Dmz can ping outside ip''s on the net but not and of my servers
on network 66.224.62.96/27 (Other than its own gateway server 66.224.62.120)
The reason I ask is to learn. I thought I would not need the proxyarp
option for this to
2004 Dec 06
12
Interface Configuration
Hello,
You may recall some of My Dmz question around Thanksgiving.
While I have configured a Proxy arp Dmz. I would like to practice
with the routed setup you suggested Tom as your network was
simular.
Here is one of your quotes "The configuration of eth2 is largely
irrelevant but you certainly don''t
want to confuse things by assigning any default gateway out of that
2003 Oct 19
2
Reg. Proxyarp & DHCP
My ISP has DHCP-assigned IP-addresses.
I wonder if someone has tried using proxyarp
for a DMZ with DHCP-assigned public IP?
2004 Aug 22
6
LAN to DMZ zone issues.
Hello all,
Name is Andrew and in desperate need of some info.
Setup:
- Mandrake 9.1 with three interfaces
(eth0 --> WAN) C-class /28 network (with tree virtual addresses which I
am DNAT-ing to the DMZ)
(eth1 --> LAN) A-class 10.0.0.0/8
(eth2 --> DMZ) A-class subnet 10.1.123.0/24
- Running stock Shorewall ver: shorewall-1.3.14-3.1.91mdk
Dilemma:
- LAN can not access the DMZ zone
2004 Dec 02
8
Ipsec and Proxy arp
I noticed the long standing Ipsec FSwan problem was fixed.
But do you still have to make sure Ipec is not running when shorewall starts
Reason I ask Is I could not get my Dmz working with Ipsec in the equation.
Thanks
Mike