HELP (how-to): SnapGear (embedded Linux) Firewall config for public class c network
From: Lazza (wilson_larry_at_hotmail.com)
Date: 08/22/03
- Next message: Sales for IDE-CF flash drive: "Re: modding IDE cable to write-protect compact flash?"
- Previous message: jc: "FOLLOW UP - Acer SA50 thin server - getting root access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: 22 Aug 2003 10:24:13 -0700
I am trying to set up a SnapGear SME530 (an embedded linux firewall)
as a router and firewall from an ADSL service (TPG) with a /30 network
address for the router external I/F routing to a public class c
address space on the LAN side. This is shown below:
Internet
|
|
|
----ADSL ISP GW address
| 220.x.y.149/30
|
|
----ADSL modem in bridge mode RFC1483
| admin I/F 203.a.b.253 (currently)
|
----Router/FW (SnapGear SME530)
+WAN Port-> 220.x.y.150/30 (Ext. Router Port )
[*]
+LAN Port-> 203.a.b.1/24 (Int. Router Port )
|
|
|--------------------------------------
| | |
203.a.b.2 203.a.b.100 etc
>From the SME530, I can ping WAN & LAN Interfaces, ISP gateway, any
internet address, LAN hosts.
>From the LAN I can only ping the LAN gateway. Can ping other LAN
hosts.
>From the Internet I can only ping the router/FW (SME530) WAN
interface.
What do I have to do to get the SME530 to pass traffic (TCP, UDP,
ICMP) from the Internet to servers on the LAN and visa-versa?
I also need to set up firewall rules to restrict traffic to WWW, SMTP,
POP3 from the internet to specific hosts only.
Any config suggests, esp how-to would be greatly appreciated.
Regards & Thank You in advance.
Lazza
P.S. I know the ADSL modem admin I/F should probably be on a private
IP address
- Next message: Sales for IDE-CF flash drive: "Re: modding IDE cable to write-protect compact flash?"
- Previous message: jc: "FOLLOW UP - Acer SA50 thin server - getting root access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
