similar to: one physical machine and two virtuals and two netwroks

As I received no response on the general CentOS list, I'll repost it here as the question is about Xen virtual machine routing. This is my network setup: http://pastebin.com/kyWpTQYU Lets assume my dom0's eth2 public ip is 1.2.3.33 and my dmz network 11.22.33.96/255.255.255.224 . I have created NAT from my LAN with iptables. You can see my /etc/sysconfig/iptables here:

Hi, I have a shorewall v4.0.7 installation on an older version of fedora. What is the proper way to add another network to the DMZ interface? Is it through virtual networks? If so, how is that done, given I''ve already designed the system around a single network on the DMZ? I have two physical interfaces on the firewall, with eth0 for external (192.168.1.0) and eth1 for the DMZ

I am not quite sure if this issue relates to iptables, routing or Xen virtual machines. Too many variables for my simple mind, so I'm asking some advice :) This is my network setup: Internet --- eth2 + CentOS dom0 / firewall / router + eth1 (xenbr1) --- LAN with private IPs --- separate file server and workstations + eth0 (xenbr0)

Greetings to all, I've got a quick question regarding the RODC functionality. We have a web application in the DMZ, which has to use the user authentication from our domain. So we want to use the LDAP backend to talk to the domain and check the credentials. The problem we are running into right now is that the webserver can not talk into the LAN and make requests via LDAP. So we searched for

Hello, I am having some routing troubles with my Xen setup. I have two domUs, one running as a firewall and another running as a dmz: The dom0 has the following: - eth0 bridge (10.0.0.3/24) The domU-firewall has the following: - Direct passthrough PCI NIC (Public Internet) - Virtual NIC connected to the eth0 bridge on dom0 (10.0.0.1/24) - Bridge called brdmz for the dmz zone (10.0.2.1/24)

I'm looking for some information regarding the interaction of KVM, VLANs, firewalld, and the kernel's forwarding configuration. I would appreciate input especially from anyone already running a similar configuration in production. In short, I'm trying to figure out if a current configuration is inadvertently opening up traffic across network segments. On earlier versions of CentOS

In an effert move my Dmz from a snapqear roouter to Linux with shorewall. Question is I have network 64.42.53.200/29 which makes default gw 64.42.53.201 network 64.42.53.200 broadcast 64.42.53.207 mask 255.255.255.248 and I want to set up shorewall with eth0 64.42.53.202 eth1 local eth2 dmz where dmz will use say 64.42.53.203 for web and email server. Where I do not need or should I say use

I did some looking on the mailing list archives and can''t seem to find exactly what I need, I''m also having troubles figuring this out on my own, so if anyone has any advice, tips, whatever, that would be great. I''ve got a machine with 3 network cards in it, one for a DMZ (with 3 machines on a switch each with a real IP address), one for the local network on a

Hello, I''m new to Xen (and this mailing-list) and facing some problems with the network. I''m stuck and don''t know how to continue. And Google isn''t very helpful either... My setup: - Ubuntu 7.10 for dom0 and Debian 4.0 for all domU - 4 physical NIC (DHCP from my ISP, internal LAN, DMZ & WLAN) - 1 Dom as firewall/router - 1 domU with internal services

Hi, i wonder if there is any need to install shorewall on a machine located in the dmz zone of shorewaal. ( 3 interfaces example) mess-mate -- You are a fluke of the universe; you have no right to be here. ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE

On Fri, 17 May 2024 12:36:33 -0300 Gilberto Ferreira via samba <samba at lists.samba.org> wrote: > Hi there. > I have two samba servers, let's say srv01 and srv02. For that matter, > both are Zentyal Server 4 and 8, respectively. > In the srv01 there is samba version 4.1, which is in the network > 182.168.200.0/24, and which is by the way also the gateway to both >

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=400 ------- Additional Comments From pila@pilasecurity.com 2006-06-08 10:03 MET ------- I had the same trouble yesterday. It's very useful to have vlan over bridges. Think this situation: 1- You have a cluster of firewall 2- You have a DMZ net with two switches for redundancy 3- You have two nic on your firewall to connect to each

I have a three interface network (net,loc,dmz). The internet interface (eth0) has a static IP. Windows machine in the local network (eth1) use DHCP to get IPs from the 192.168.10.0/24 netblock. The Debian machine in the DMZ (eth2) gets a fixed IP through DHCP in the 192.168.11.0/24 netblock. The DHCP server is running on the firewall machine (not ideal, I know, but that''s the way

I made a boo boo in my config and put in this rule #PPTP DNAT net:213.67.241.162/217.209.46.204/32 loc:192.168.221.200 tcp 1723 DNAT net:213.67.241.162/32,217.209.46.204/32 loc:192.168.221.200 47 - And the the following happened.. and I wonder why it didn''t complain? I am sure I am just misunderstanding some doc

thanks again for your sharp eye and speedy response. i have corrected the typos in the IP in the masq file. I am sorry to have to ask for more help but my pc''s on the local network can''t reach the dmz webserver using the webserver''s local or Public IP address. I need to be able to do this in order to test the split DNS setup for the network. Using ethereal on the

Hopefully this is an easy question.... I''m using a leaf router (bearing) running shorewall. Three interfaces net, loc, and dmz. Only one computer in the dmz and its being proxy arp''d. External and internal (net and loc) can reach the dmz but the dmz cannot reach the isp''s gateway and beyond, but can reach a system adjacent to the firewall.

I have a asterisk server. Two SIP Soft XLites are connected to the server. I am able to make calls from one SIP Phones to the other SIP Phones and landlines successfully. The SIP Soft Phone on th eother side can hear my voice but I cannot hear their voice. They can call my local cell phone as well. Samething, they can hears my voice, I cannot hear their voice. The microphone and speakers are

i am doing a clean install on fedora core 2 using the shorewall rpm and the Shorewall Setup Guide for multiple IP''s using a stock configuration except for AllowDNS and AllowWeb on the firewall (so i can post this message). my shorewall status file is attached. my setup 69.17.65.105 = firewall 69.17.65.22 = dmz server 1 69.17.65.161 = dmz server 2 my local network is

My sincere apologies to all on this list. After looking for returning packets with tcpdump and not finding ANY I called our provider to confirm our IP assignment. The IP range that I was given by my boss was incorrect. After adjusting the ip assignments, everything is working perfectly. Thank you all for your time in troubleshooting this, and I hope to be able to return the favor at some

--On Monday, March 21, 2016 08:57:59 AM -0700 Gordon Messmer <gordon.messmer at gmail.com> wrote: > On 03/20/2016 08:51 PM, Devin Reade wrote: >> In a CentOS 7 test HA cluster I'm building I want both traditional >> services running on the cluster and VMs running on both nodes > > On a purely subjective note: I think that's a bad design. One of the >